polenum包装说明

polenum是它使用Impacket图书馆的核心安全技术来从Windows机器的密码策略信息的python脚本。这使得非Windows(在Linux,Mac OSX,BSD等)用户查询远程Windows机器的密码策略,而不需要访问Windows机器。

资料来源:https://labs.portcullis.co.uk/tool​​s/polenum/
polenum首页 | 卡利polenum回购

  • 作者:deanx
  • 许可:Apache修改

包含在polenum包工具

polenum - 从Windows系统中提取密码策略
[email protected]:~# polenum

  polenum 0.2 - (C) 2008 deanx

             RID[at]Portcullis-Security.com

  Usage:/usr/bin/polenum [username[:password]@]<address> [protocol list...]

        Available protocols: ['445/SMB', '139/SMB']

polenum用法示例

获取系统的密码策略与提供的用户名和密码(受害者:[email protected]登录使用SMB端口445('445 / SMB“):

[email protected]:~# polenum victim:[email protected] '445/SMB'

[+] Attaching to 192.168.1.200 using victim:s3cr3t

    [+] Trying protocol 445/SMB...

[+] Found domain(s):

    [+] WIN7-X86
    [+] Builtin

[+] Password Info for Domain: WIN7-X86

    [+] Minimum password length: None
    [+] Password history length: None
    [+] Maximum password age: Not Set
    [+] Password Complexity Flags: 000000

        [+] Domain Refuse Password Change: 0
        [+] Domain Password Store Cleartext: 0
        [+] Domain Password Lockout Admins: 0
        [+] Domain Password No Clear Change: 0
        [+] Domain Password No Anon Change: 0
        [+] Domain Password Complex: 0

    [+] Minimum password age: None
    [+] Reset Account Lockout Counter: 30 minutes
    [+] Locked Account Duration: 30 minutes
    [+] Account Lockout Threshold: None
    [+] Forced Log off Time: Not Set