26 changes: 15 additions & 11 deletions DomainPasswordSpray.ps1
Expand Up @@ -196,7 +196,7 @@ function Invoke-DomainPasswordSpray{
Write-Host -ForegroundColor Yellow "[*] WARNING - Be very careful not to lock out accounts with the password list option!"
}

$observation_window = Get-ObservationWindow $CurrentDomain
$observation_window = Get-ObservationWindowForLockouts $CurrentDomain

Write-Host -ForegroundColor Yellow "[*] The domain password policy observation window is set to $observation_window minutes."
Write-Host "[*] Setting a $observation_window minute wait in between sprays."
Expand Down Expand Up @@ -258,7 +258,7 @@ function Countdown-Timer
)
if ($quiet)
{
Write-Host "${Message}: Waiting for $($Seconds/60) minutes. $($Seconds - $Count)"
Write-Host "${Message: Waiting for $($Seconds/60) minutes. $($Seconds - $Count)}"
Start-Sleep -Seconds $Seconds
} else {
foreach ($Count in (1..$Seconds))
Expand Down Expand Up @@ -396,7 +396,7 @@ function Get-DomainUserList
}
}

$observation_window = Get-ObservationWindow $CurrentDomain
$observation_window = Get-ObservationWindowForLockouts $CurrentDomain

# Generate a userlist from the domain
# Selecting the lowest account lockout threshold in the domain to avoid
Expand Down Expand Up @@ -559,15 +559,19 @@ function Invoke-SpraySinglePassword
Start-Sleep -Seconds $RandNo.Next((1-$Jitter)*$Delay, (1+$Jitter)*$Delay)
}
}

}

function Get-ObservationWindow($DomainEntry)

Function Get-ObservationWindowForLockouts
{
# Get account lockout observation window to avoid running more than 1
# password spray per observation window.
$DomainEntry = [ADSI]$DomainEntry
$lockObservationWindow_attr = $DomainEntry.Properties['lockoutObservationWindow']
$observation_window = $DomainEntry.ConvertLargeIntegerToInt64($lockObservationWindow_attr.Value) / -600000000
return $observation_window
# Get the account lockout observation window to prevent more than one password spray during the observation period.
$domainPolicy = Get-ADDefaultDomainPasswordPolicy -Identity $Domain
if ($domainPolicy.LockoutObservationWindow -eq $null) {
return $null
}

$observationWindowInMinutes = $domainPolicy.LockoutObservationWindow.Minutes

return $observationWindowInMinutes

}
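Review bot: In the new `Get-ObservationWindowForLockouts`, `$domainPolicy.LockoutObservationWindow.Minutes` reads only the minutes component of the TimeSpan (0–59), so a 60-minute window yields 0 and a 90-minute window yields 30, and the wait announced in `Invoke-DomainPasswordSpray` would be far shorter than the real observation window, which risks locking accounts out; it should be `$observationWindowInMinutes = $domainPolicy.LockoutObservationWindow.TotalMinutes`. The function also declares no parameter, so the `$CurrentDomain` passed at both call sites is ignored and `-Identity $Domain` resolves through dynamic scoping to whatever `$Domain` the caller happens to hold; declare it, e.g. `Function Get-ObservationWindowForLockouts($Domain)`, and confirm the value is in a form `Get-ADDefaultDomainPasswordPolicy` accepts, since the removed code cast its argument to `[ADSI]`. That cmdlet additionally requires the ActiveDirectory module, which the removed ADSI lookup did not, and the new `$null` return is not handled where the value is interpolated into the wait messages. Separately, in `Countdown-Timer` the moved brace in `"${Message: Waiting for … }"` turns the whole text into a braced variable name, so the line no longer prints the message; the previous `"${Message}: Waiting for …"` form was correct.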