File tree 2 files changed +20
-3
lines changed
2 files changed +20
-3
lines changed Original file line number Diff line number Diff line change @@ -75,11 +75,28 @@ Get-ADComputer -Filter * -Properties LastLogonDate |
7575
7676----
7777
78- ## Password Spray
78+ ## Password Policy & Spray
7979
80- > These accounts with weak or old passwords are a security risk to an organization,
80+ > AD accounts with weak or old passwords are a security risk to an organization,
8181> as their passwords may not comply to latest domain password policy and has been dormant.
82- > Malicious actors finding these accounts can use it to gain read access to Active Directory through method such as a password spray attack using nxc.
82+ > Malicious actors finding these accounts can use it to gain read access to Active Directory.
83+
84+ > Get the AD Password Policy:
85+
86+ ``` PowerShell
87+ # Specify the trusted domain name
88+ $trustedDomain = "target.int"
89+
90+ # Get password policy details for the trusted domain
91+ $passwordPolicy = Get-ADDefaultDomainPasswordPolicy -Server $trustedDomain
92+
93+ # Display the password policy details
94+ $passwordPolicy | Select-Object *
95+ ```
96+
97+ ![ password-policy.png] ( /images/password-policy.png )
98+
99+ > Attack using a password spray attack using nxc.
83100
84101``` bash
85102nxc -t 1 smb domaincontroller.domain.internal -u userlist.txt -p password --continue-on-success
You can’t perform that action at this time.
0 commit comments