Navigation



SharpHose – Asynchronous Password Spraying Tool

Last updated: July 27, 2020 | 2,622 views

SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike’s execute-assembly.

SharpHose - Asynchronous Password Spraying Tool


It provides a flexible way to interact with Active Directory using domain-joined and non-joined contexts, while also being able to target specific domains and domain controllers. The tool takes into consideration the domain password policy, including fine-grained password policies, in an attempt to avoid account lockouts.

Fine-grained password policies are enumerated for the users and groups that the policy applies to. If the policy applied also to groups, the group users are captured. All enabled domain users are then classified according to their password policies, in order of precedence, and marked as safe or unsafe. The remaining users are filtered against an optional user-supplied exclude list.

Besides just spraying, red team operators can view all of the password policies for a domain, all the users affected by the policy, or just view the enabled domain users. Output can be sent directly to the console or to a user-supplied output folder.

Asynchronous Password Spraying Tool for LDAP

Active Directory spraying nozzle using the LDAP protocol:

  • Asynchronous spraying for faster, but not too fast, results
  • Domain joined and non-joined spraying
  • Tight integration w/ domain password policies and fine grained password policies
  • Smart lockout prevention (lockoutThreshold n-1 just to be safe)
  • Optionally spray to specific domains and domain controllers
  • View password policies and the affected users

Using SharpHose Asynchronous Password Spraying Tool

Domain Joined Spray w/o Interaction

Domain Joined Spray w/ Exclusions

Non-Domain Joined Spray

Domain Joined Show Policies

Active Directory stores durations in negative large integer values which need to lapse after the last lockoutThreshold is exceeded.

You can download SharpHose here:

Or read more here.

Share210
Tweet46
Share
Buffer4
WhatsApp
Email
260 Shares
Posted in: Password Cracking Tools


Latest Posts:


HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
November 6, 2020 - 130 Shares
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
November 3, 2020 - 178 Shares
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
October 22, 2020 - 74 Shares
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
October 13, 2020 - 105 Shares
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
October 7, 2020 - 85 Shares
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
September 24, 2020 - 130 Shares


Comments are closed.