polenum Package Description

polenum is a python script which uses the Impacket Library from CORE Security Technologies to extract the password policy information from a windows machine. This allows a non-windows (Linux, Mac OSX, BSD etc..) user to query the password policy of a remote windows box without the need to have access to a windows machine.

Source: https://labs.portcullis.co.uk/tools/polenum/
polenum Homepage | Kali polenum Repo

• Author: deanx
• License: Modified Apache

Tools included in the polenum package

polenum – Extracts the password policy from a Windows system

[email protected]:~# polenum

  polenum 0.2 - (C) 2008 deanx

             RID[at]Portcullis-Security.com

  Usage:/usr/bin/polenum [username[:password]@]<address> [protocol list...]

        Available protocols: ['445/SMB', '139/SMB']

polenum Usage Example

Get the password policy of the system by logging in with the provided username and password (victim:[email protected]) using SMB port 445 (‘445/SMB’):

[email protected]:~# polenum victim:[email protected] '445/SMB'

[+] Attaching to 192.168.1.200 using victim:s3cr3t

    [+] Trying protocol 445/SMB...

[+] Found domain(s):

    [+] WIN7-X86
    [+] Builtin

[+] Password Info for Domain: WIN7-X86

    [+] Minimum password length: None
    [+] Password history length: None
    [+] Maximum password age: Not Set
    [+] Password Complexity Flags: 000000

        [+] Domain Refuse Password Change: 0
        [+] Domain Password Store Cleartext: 0
        [+] Domain Password Lockout Admins: 0
        [+] Domain Password No Clear Change: 0
        [+] Domain Password No Anon Change: 0
        [+] Domain Password Complex: 0

    [+] Minimum password age: None
    [+] Reset Account Lockout Counter: 30 minutes
    [+] Locked Account Duration: 30 minutes
    [+] Account Lockout Threshold: None
    [+] Forced Log off Time: Not Set