29 lines
988 B
Markdown
29 lines
988 B
Markdown
# Password Policies
|
|
|
|
In order to generate password lists it is of importance to know the password
|
|
policies of the designated target. Therefore one can use `netexec` or
|
|
`crackmapexec` to find out how they look like.
|
|
|
|
```sh
|
|
netexec smb $TARGET_IP --pass-pol
|
|
```
|
|
|
|
## Password Complexity Flags
|
|
|
|
The output of netexec contains a field which indicates what [password
|
|
complexity](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-gpsb/0b40db09-d95d-40a6-8467-32aedec8140c)
|
|
is used.
|
|
|
|
> Flag that indicates whether the operating system MUST require that passwords
|
|
> meet complexity requirements. If this flag is set, it indicates that passwords
|
|
> MUST meet a specific minimum requirement. This value MUST be between 0 and
|
|
> 2^16. A value of 0 indicates that no password complexity requirements apply.
|
|
> Any other valid value indicates that password complexity requirements apply.
|
|
|
|
Categories of complexity are
|
|
|
|
* Uppercase letters
|
|
* Lowercase letters
|
|
* Digits
|
|
* Special characters
|