Authentication

Testing if account exist without kerberos protocol

#~ cme ldap 192.168.1.0/24 -u users.txt -p '' -k

Testing credentials

#~ cme ldap 192.168.1.0/24 -u user -p password
#~ cme ldap 192.168.1.0/24 -u user -H A29F7623FD11550DEF0192DE9246F46B

Expected Results:

LDAP        192.168.255.131 5985   ROGER            [+] GOLD\user:password

Domain name resolution is expected

By default, the ldap protocol will ge the domain name by making connection to the SMB share (of the dc), if you don't want that initial connection, just add the option --no-smb

PreviousLDAPNextASREPRoast

Last updated