Home

Awesome

Invoke-CleverSpray

Password Spraying Script detecting current and previous passwords of Active Directory User by @flelievre

Options:

-Password: Password to spray.
-PasswordFile: Path to file containing a list of passwords to spray.
-Username: samAccountName of the user to target.
-UsernamesFile: Path to file containing a list of samAccountNames to target.
-Domain: The domain to query for users, defaults to the current domain.
-Limit: Only users having a 'badPwdCount' lower or equal to Limit will be targeted (default is 1 to avoid blocking accounts).
-Delay: Delay between authentication attemps (in s).
-Jitter: Jitter for the authentication attemps delay.
-HideOld: Hide old password discovered (default is false).

Usage: Import Invoke-CleverSpray:

Import-Module .\Invoke-CleverSpray.ps1

Spray a unique password:

Invoke-CleverSpray -Password "Passw0rd"

Spray multiple passwords:

Invoke-CleverSpray -PasswordFile ".\pwd_list.txt"

Behavior:

WARNING: Default -Limit is set to 1 (i.e. only user accounts having a "badPwdCount" lower or equal to 1 will be targeted). You can increase this value at your own risk to target more users. I cannot garantee no users will be locked.

**Greetings: ** Thanks @harmj0y for PowerView !