ACCCHECK – Password dictionary attack tool for SMB

Tool Description

The tool is designed as a password dictionary attack tool that targets windows authentication via the SMB protocol. It is really a wrapper script around the ‘smbclient’ binary, and as a result is dependent on it for its execution.

Tool Source: https://labs.portcullis.co.uk/tools/acccheck/

Kali Repo: http://git.kali.org/gitweb/?p=packages/acccheck.git;a=summary

General Details

[email protected]:~# acccheck

acccheck v0.2.1 - By Faiz

Description:
Attempts to connect to the IPC$ and ADMIN$ shares depending on which flags have been
chosen, and tries a combination of usernames and passwords in the hope to identify
the password to a given account via a dictionary password guessing attack.

Usage = ./acccheck [optional]

 -t [single host IP address]
 OR
 -T [file containing target ip address(es)]

Optional:
 -p [single password]
 -P [file containing passwords]
 -u [single user]
 -U [file containing usernames]
 -v [verbose mode]

Examples
Attempt the 'Administrator' account with a [BLANK] password.
    acccheck -t 10.10.10.1
Attempt all passwords in 'password.txt' against the 'Administrator' account.
    acccheck -t 10.10.10.1 -P password.txt
Attempt all password in 'password.txt' against all users in 'users.txt'.
    acccehck -t 10.10.10.1 -U users.txt -P password.txt
Attempt a single password against a single user.
    acccheck -t 10.10.10.1 -u administrator -p password

Usage Example

[email protected]:~# acccheck.pl -T smb-ips.txt -v
Host:192.168.1.201, Username:Administrator, Password:BLANK

Video Tutorial: Coming Soon!