-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Using Credentials
Every protocol supports using credentials in one form or another. For details on using credentials with a specific protocol, see the appropriate wiki section.
Generally speaking, to use credentials, you can run the following commands:
crackmapexec <protocol> <target(s)> -u username -p password
Note: When using usernames or passwords that contain special symbols, wrap them in single quotes to make your shell interpret it as a string, for
crackmapexec <protocol> <target(s)> -u username -p 'Admin!123@'
By specifying the credential ID with the -id flag you can use any credential set that's been stored in the database (saves a lot of typing):
crackmapexec <protocol> <target(s)> -id <cred ID(s)>
See the database wiki page for more information on CME's database.
All protocols support brute-forcing and password spraying. For details on brute-forcing/password spraying with a specific protocol, see the appropriate wiki section.
By specifying a file or multiple values CME will automatically brute-force logins for all targets using the specified protocol:
Examples:
crackmapexec <protocol> <target(s)> -u username1 -p password1 password2
crackmapexec <protocol> <target(s)> -u username1 username2 -p password1
crackmapexec <protocol> <target(s)> -u ~/file_containing_usernames -p ~/file_containing_passwords
crackmapexec <protocol> <target(s)> -u ~/file_containing_usernames -H ~/file_containing_ntlm_hashes