RDPassSpray: perform password spraying using RDP

by do son ·

password spraying RDPassSpray

RDPassSpray

RDPassSpary is a python tool to perform password spray attack in a Microsoft domain environment. ALWAYS VERIFY THE LOCKOUT POLICY TO PREVENT LOCKING USERS.

Install

git clone https://github.com/xFreed0m/RDPassSpray.git
pip3 install -r requirements.txt
apt-get install python-apt
apt-get install xfreerdp

Use

password spraying

Advantages for this technique

Failed authentication attempts will produce event ID 4625 (“An account failed to log on”) BUT:

  • the event won’t have the source ip of the attacking machine: No source IP
  • The event will record the hostname provided to the tool: Fake hostname

Copyright (C) 2019 xFreed0m 

Source: https://github.com/xFreed0m/

Tags: Password SprayingRDPassSpray