Empty password
It is possible that accounts have an empty password if the useraccountcontrol attribute contains the value PASSWD_NOT_REQ.
Last updated
It is possible that accounts have an empty password if the useraccountcontrol attribute contains the value PASSWD_NOT_REQ.
Last updated
Login on DC02 with the username Administrator and password Welcome01!.
Open the "Active Directory Users and Computers" administration tool on DC02
3. Click on "View" and enable "Advanced Features".
4. Right click the "Users" section and select "New" and then "User". Create a new user named bank_dev with the password Password01!. Make sure to deselect "User must change password at next logon" and select "Password never expires".
4. Right click the user and select "Properties". Open the tab "Attribute Editor", search for "Useraccountcontrol" and click "Edit".
5. Set the value to 544 and cick "OK".
6. Click "Apply" and "OK".
7. Right click on bank_dev and select "Reset Password". Uncheck "User must change password at next logon" and make sure the Password fields are empty. Click on "OK"
It is possible that accounts have an empty password if the useraccountcontrol attribute contains the value PASSWD_NOT_REQ. With access to a normal domain user we could request all users with this attribute set.
Use the discovered credentials john and password Welcome2022! with CrackMapExec to authenticate over ldap and request all users with the value PASSWD_NOT_REQ set.
2. We already knew the user steve had a empty password from our initial access attacks. The Guest password is empty by default, but this account is also disabled by default. We can check if bank_dev user has a empty password just like we did earlier.
The password is indeed empty.
Periodically check for users with the PASSWD_NOT_REQ attribute and remove it.
Check for users with the attribute:
Remove the attribute:
Check for users with the attribute and remove the attribute:
