polenum包装说明
polenum是它使用Impacket图书馆的核心安全技术来从Windows机器的密码策略信息的python脚本。这使得非Windows(在Linux,Mac OSX,BSD等)用户查询远程Windows机器的密码策略,而不需要访问Windows机器。
资料来源:https://labs.portcullis.co.uk/tools/polenum/
polenum首页 | 卡利polenum回购
- 作者:deanx
- 许可:Apache修改
包含在polenum包工具
polenum - 从Windows系统中提取密码策略
[email protected]:~# polenum
polenum 0.2 - (C) 2008 deanx
RID[at]Portcullis-Security.com
Usage:/usr/bin/polenum [username[:password]@]<address> [protocol list...]
Available protocols: ['445/SMB', '139/SMB']
polenum用法示例
获取系统的密码策略与提供的用户名和密码(受害者:[email protected])登录使用SMB端口445('445 / SMB“):
[email protected]:~# polenum victim:[email protected] '445/SMB'
[+] Attaching to 192.168.1.200 using victim:s3cr3t
[+] Trying protocol 445/SMB...
[+] Found domain(s):
[+] WIN7-X86
[+] Builtin
[+] Password Info for Domain: WIN7-X86
[+] Minimum password length: None
[+] Password history length: None
[+] Maximum password age: Not Set
[+] Password Complexity Flags: 000000
[+] Domain Refuse Password Change: 0
[+] Domain Password Store Cleartext: 0
[+] Domain Password Lockout Admins: 0
[+] Domain Password No Clear Change: 0
[+] Domain Password No Anon Change: 0
[+] Domain Password Complex: 0
[+] Minimum password age: None
[+] Reset Account Lockout Counter: 30 minutes
[+] Locked Account Duration: 30 minutes
[+] Account Lockout Threshold: None
[+] Forced Log off Time: Not Set