What is acccheck?

Description:

The tool is designed as a password dictionary attack tool that targets windows authentication via the SMB protocol. It is really a wrapper script around the ‘smbclient’ binary, and as a result is dependent on it for its execution.

GO TO SITE

Author: Faisal Dean

License: GPLv2

Tools included in the package:

acccheck–PassworddictionaryattacktoolforSMB

root@kali:~# acccheck 

 

acccheck v0.2.1 - By Faiz 

 

Description: Attempts to connect to the IPC$ and ADMIN$ shares depending on which flags have been chosen, and tries a combination of usernames and passwords in the hope to identify the password to a given account via a dictionary password guessing attack. 

 

Usage = ./acccheck [optional] 

 

 -t [single host IP address]  OR  -T [file containing target ip address(es)] 

 

Optional:  -p [single password]  -P [file containing passwords]  -u [single user]  -U [file containing usernames]  -v [verbose mode] 

 

Examples Attempt the 'Administrator' account with a [BLANK] password.     acccheck -t 10.10.10.1 

9 

 

Attempt all passwords in 'password.txt' against the 'Administrator' account.     acccheck -t 10.10.10.1 -P password.txt Attempt all password in 'password.txt' against all users in 'users.txt'.     acccehck -t 10.10.10.1 -U users.txt -P password.txt Attempt a single password against a single user.     acccheck -t 10.10.10.1 -u administrator -p password

Acccheck usage example:

Scan the IP addresses contained in smb - ips.txt ( - T) and use verbose output ( - v) : 

root@kali:~# acccheck.pl -T smb-ips.txt -v Host:192.168.1.201, Username:Administrator, Password:BLANK