acccheck tool from Kali Linux

Kali Linux Day 1: Information Gathering: acccheck tool

What is acccheck?

acccheck. An information gathering tool from Kali Linux.

acccheck is a tool written by Faiz which connects to hosts and tries to identify a legitimate combination of username and passwords using a username and password list or dictionary file.

acccheck tool from Kali Linux
acccheck tool from Kali Linux

What do I need to use it?

In order to use acccheck, you need to:

  • Have your Kali instance in the same network as your victim machine (the machine which you are going use acccheck on).
  • Have the IP address of the victim.
  • Have a username and or password list in hand.

How do I use it?

It’s pretty straight forward. Just open Terminal, and type acccheck and input the required information. Here is a sample below:

acccheck -t <place the target IP here> -P <place the password file here if you will use a password file>

You can customize your command be referring to the screenshot above in this post. Remember that if you are going to use other options (except for -v), you need to provide information beside it. So if you are going to use “-U”, you will need to provide a file location after it:

acccheck -U ~/Desktop/listofusernames.txt …..

What did you do?

In my lab, I tested acccheck on a Windows Server 2003. I put the password file in the desktop so that it will be easier for me to find and refer to it.

After connecting my Kali virtual instance to the same network with the Windows Server 2003 instance, I searched for a password list, put it in Desktop (~/Desktop/) and changed the target directory of Terminal to ~/Desktop. After doing that prep work, I ran the tool by using the command:

acccheck -t 192.168.0.1 -P ./fasttrack.txt -u Administrator -v

Note:

  • 192.168.0.1 – this is the IP address of the target since. It is required by -t.
  • ./fasttrack.txt – the location of the password file relative to the current target directory of the terminal. It is required by -P.
  • Administrator – the target username. It is required by -u.
  • -v does not require anything.

What is the result?

It successfully found out the password of my Windows Server 2003 machine!

username: Administrator

password: Password1!

vmware_2017-02-21_12-33-59
acccheck password found!

What can an attacker do with this?

This is a test in a controlled environment with me using a commonly known password “Password1!”. If this is in a real world scenario, an attacker getting its hands on a network credential/s can use it to further attack other network hosts. If ever an attacker got his/her hands on the administrator password, then it is game over for that specific machine. Even worse, the business could go south specially if the victim machine is a Domain Controller.

Why? Because domain controllers are the administrators of a domain and an attacker having a domain controller rights can control almost all the networked computers / servers in the domain, edit user details, get confidential information, and destroy the infrastructure.

Lesson learned?

Always have your default / weak credentials checked. A small mishap like this can help an attacker a very long way. Also remember, use at least 14 characters long password with a mixture of letters, numbers, symbols, and capitalization.

Stay safe everyone!

 

Advertisements

2 thoughts on “Kali Linux Day 1: Information Gathering: acccheck tool

Care to comment?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s