Description
Performs Kerberos-based password brute forcing against domain accounts.
Overview
Performs Kerberos-based password brute forcing by sending AS-REQ messages to the KDC. This method is stealthier than traditional brute forcing as it does not generate Windows logon events (4625) for failed attempts. Supports single or multiple users and passwords.
Only successful credential matches produce output. Failed attempts are silent by design.
Parameter Sets
SingleUserSinglePass
| Parameter |
Type |
Required |
Description |
| User |
string |
Yes |
A single username to brute force. |
| Password |
string |
Yes |
A single password to try. |
| Domain |
string |
Yes |
The target domain. |
| DC |
string |
No |
The domain controller to target. |
SingleUserPassFile
| Parameter |
Type |
Required |
Description |
| User |
string |
Yes |
A single username to brute force. |
| Passwords |
string |
Yes |
Path to a file containing passwords (one per line). |
| Domain |
string |
Yes |
The target domain. |
| DC |
string |
No |
The domain controller to target. |
UserFileSinglePass
| Parameter |
Type |
Required |
Description |
| Users |
string |
Yes |
Path to a file containing usernames (one per line). |
| Password |
string |
Yes |
A single password to try. |
| Domain |
string |
Yes |
The target domain. |
| DC |
string |
No |
The domain controller to target. |
UserFilePassFile
| Parameter |
Type |
Required |
Description |
| Users |
string |
Yes |
Path to a file containing usernames (one per line). |
| Passwords |
string |
Yes |
Path to a file containing passwords (one per line). |
| Domain |
string |
Yes |
The target domain. |
| DC |
string |
No |
The domain controller to target. |
Dependencies
Operating Systems
