Unable to simulate Password Spraying attack as no text file is created under Exploitation folder

Question

Unable to simulate Password Spraying attack as no text file is created under Exploitation folder

IAMinZoho opened this issue 2 years ago · comments

Please check:

I did see that WinPwn will ask the password to be sprayed in the code but I didn't get that option while executing the script. Please advise.

S3cur3Th1sSh1t · Answer 1 · Sun Jul 24 2022 18:21:50 GMT+0800 (China Standard Time)

You did use the username==password check. Th this case it’s not asking for the password as that’s == the username.

The main menu also has a domain password spray option. And this asks for a password.

S3cur3Th1sSh1t · Answer 2 · Sun Jul 24 2022 18:22:27 GMT+0800 (China Standard Time)

I think this should be straight forward to find but if you still have problems just ask

ƧÅƝǩƯ · Answer 3 · Sun Jul 24 2022 20:45:26 GMT+0800 (China Standard Time)

I got confused with the 3 different password spray options in the tool. Thanks to you I was able to solve the mystery and simulate it in all the 3 cases: with the user with a password blank; the same username & password; and with a custom password. Works perfectly!