RDPassSpray

RDPassSpary is a python tool to perform password spray attack in a Microsoft domain environment. ALWAYS VERIFY THE LOCKOUT POLICY TO PREVENT LOCKING USERS.

Install

git clone https://github.com/xFreed0m/RDPassSpray.git
pip3 install -r requirements.txt
apt-get install python-apt
apt-get install xfreerdp

Use

Advantages for this technique

Failed authentication attempts will produce event ID 4625 (“An account failed to log on”) BUT:

• the event won’t have the source ip of the attacking machine: 
• The event will record the hostname provided to the tool: 

Copyright (C) 2019 xFreed0m 

Source: https://github.com/xFreed0m/