Unauth samaccountname string length problem #15

Open
garrettfoster13 opened this issue Jun 27, 2024 · 3 comments

@garrettfoster13
Owner

Unauth is failing to properly parse input files to the correct samaccountname string length and associated password. It is stripping the last two characters as expected but not accounting for the length limit for the attribute.

@W9HAX

W9HAX commented Feb 3, 2025

Had this same issue pop up today; though it doesn't appear to always occur on my engagements.

Simple adjustment got me past this hurdle. Not sure if a PR would break other cases; but noting the patch here just in case others come across this.

def parse_input(inputfile, args):
    creds = []
    with open(inputfile) as f:
        y = f.read().split("\n")
        for i in y:
            if len(i) >= 16:
                # if accountname is 15 chars or more pw is first 14
                credentials = i + ":" + i.lower()[:-1]
            else:
                credentials = i + ":" + i.lower()
            creds.append(credentials)
        pw_spray(creds, args)

@garrettfoster13
Owner Author

garrettfoster13 commented Feb 3, 2025

Yeah I think I've done similar. What I need to do is do some string formatting to do a few things:

  1. make sure the string ends with $
  2. Make sure the hostname value is only 15 chars + the $
  3. Then .lower() the hostname value -1 char while respecting hostname values that aren't that length

TBH I just haven't gotten around to it as it seems when you're using it for that behavior it's usually a generated wordlist rather than something like an ldapdomaindump or a null session dump.

Was your situation like that @W9HAX?

@W9HAX

W9HAX commented Feb 3, 2025

Ah yes; this makes total sense. I just fed it a list of parsed A records from a DNS zone transfer and sprayed. Totally forgot to format with the MACHINE$ account name. Great stuff; all good!
