Tool Locks Accounts

[b1gbroth3r]

Can you elaborate more on the conditions that you tested this PoC with? I ran it in my home lab and it definitely locked out both local and domain-joined accounts, regardless of whether it successfully bruteforced the password or not.

The only case that I found where I could brute force the user's password without locking the account is if a domain-joined account had logged into a box, and that box had lost connection to the network. This allowed me to bruteforce the cached domain creds, and once I re-connected the box I could login without it being locked out.

This wouldn't be very feasible on an actual engagement, considering both the client and the client's users are going to notice/be upset if you're forcing computers off the network to crack accounts. If you could provide additional details regarding the circumstances when you tested this and managed to not lock out any account, that would be appreciated.

[DarkCoderSc]

Please check the README.md : https://github.com/DarkCoderSc/win-brute-logon/blob/master/README.md

You will find the exact scenario I used during the tests. This PoC of course doesn't work if LockDown policy is set (It is not by default).