acccheck 介绍

这是被设计为一个密码字典攻击工具,目标是通过windows SMB 身份验证协议。打包在smb client二进制里的脚本,通常是依赖于它的执行结果。

资料来源:https://labs.portcullis.co.uk/tools/acccheck/

acccheck 首页
acccheck 源代码版本库

作者:Faisal Dean
许可:GPL v2

包含在acccheck里的工具

acccheck - 密码字典攻击工具,为中小企业
:~# acccheck

acccheck v0.2.1 - By Faiz

Description:
Attempts to connect to the IPC$ and ADMIN$ shares depending on which flags have been
chosen, and tries a combination of usernames and passwords in the hope to identify
the password to a given account via a dictionary password guessing attack.

Usage = ./acccheck [optional]

-t [single host IP address]
OR
-T [file containing target ip address(es)]

Optional:
-p [single password]
-P [file containing passwords]
-u [single user]
-U [file containing usernames]
-v [verbose mode]

Examples
Attempt the 'Administrator' account with a [BLANK] password.
acccheck -t 10.10.10.1
Attempt all passwords in 'password.txt' against the 'Administrator' account.
acccheck -t 10.10.10.1 -P password.txt
Attempt all password in 'password.txt' against all users in 'users.txt'.
acccehck -t 10.10.10.1 -U users.txt -P password.txt
Attempt a single password against a single user.
acccheck -t 10.10.10.1 -u administrator -p password

acccheck 用法示例

扫描包含在SMB-ips.txt(T)的IP地址,并使用详细输出(-v):

:~# acccheck.pl -T smb-ips.txt -v
Host:192.168.1.201, Username:Administrator, Password:BLANK