~~~~~~~~~~~~~~~~~~~
Changelog version 1.6:
~~~~~~~~~~~~~~~~~~~
* added the ability to specify creds if you want to pull the entire domain and do a username/pw dump when null sessions are not available
Rid Enum is a RID cycling attack that attempts to enumerate user accounts through null sessions and the SID to RID enum. If you specify a password file, it will automatically attempt to brute force the user accounts when its finished enumerating.
Ridenum is a null session RID cycle attack for brute forcing domain controllers.
– RID_ENUM is open source and uses all standard python libraries minus python-pexpect. –
You can also specify an already dumped username file, it needs to be in the DOMAINNAME\USERNAME format.
Usage and download from git:
git clone https://github.com/trustedsec/ridenum && cd ridenum ./ridenum.py 192.168.1.50 500 50000 (your dictionary password *.txt) python ridenum.py 192.168.1.50 500 50000 (your dictionary password *.txt) Upgrade: git pull origin master
Download : ridenum.zip(8.16 KB) | Clone Url | Our post Before
Source: https://github.com/trustedsec