Skip to content
This repository was archived by the owner on Aug 18, 2023. It is now read-only.

Commit f85e1e6

Browse files
TylousTylous
committed
v3.0
1 parent f0e3fc5 commit f85e1e6

2 files changed

Lines changed: 86 additions & 0 deletions

File tree

.goreleaser.yaml

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
# This is an example goreleaser.yaml file with some sane defaults.
2+
# Make sure to check the documentation at http://goreleaser.com
3+
before:
4+
hooks:
5+
# You may remove this if you don't use go modules.
6+
# you may remove this if you don't need go generate
7+
- go generate ./...
8+
builds:
9+
- env:
10+
- CGO_ENABLED=0
11+
goos:
12+
- "darwin"
13+
- "linux"
14+
- "windows"
15+
goarch:
16+
- "amd64"
17+
archives:
18+
- name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
19+
format: binary
20+
files:
21+
- LICENSE.txt
22+
- README.md
23+
checksum:
24+
name_template: '{{ .ProjectName }}_checksums.txt'
25+
source:
26+
enabled: false
27+
snapshot:
28+
name_template: "{{ .Tag }}-next"
29+
changelog:
30+
sort: asc
31+
filters:
32+
exclude:
33+
- '^docs:'
34+
- '^test:'
35+
- '.gitignore'
36+
- '.goreleaser.yml'

README.md

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,8 @@ go build Talon.go
3838
```
3939
$ ./Talon -h
4040
Usage of ./Talon:
41+
-A float
42+
Authentication attempts per lockout period (default 3)
4143
-D string
4244
Fully qualified domain to use
4345
-E Enumerates which users are valid
@@ -47,10 +49,14 @@ Usage of ./Talon:
4749
File containing the list of domain controllers to connect to
4850
-K Test against Kerberos only
4951
-L Test against LDAP only
52+
-Lockout float
53+
Account lockout period in minutes (default 60)
5054
-O string
5155
File to append the results to
5256
-P string
5357
Password to use
58+
-Passfile string
59+
File containing the list of passwords
5460
-U string
5561
Username to authenticate as
5662
-Userfile string
@@ -134,6 +140,11 @@ root@kali:~# ./Talon -Hostfile DCs -Userfile ValidUsers -D STARLABS.local -P "Pa
134140
[*] Account lock out detected - Do you want to continue.[y/n]:
135141
```
136142

143+
144+
###
145+
146+
147+
137148
### Troubleshooting
138149
Talon comes equip to detect if the targeted domain controllers are activy or become unavialble. This helps ensure your getting accurate results while not wasting time.
139150

@@ -156,10 +167,49 @@ root@kali:~# ./Talon -H 172.14.15.1 -Userfile ValidUsers -D STARLABS.local -P "F
156167
```
157168

158169

170+
### Timing Controls
171+
172+
Talon has the ability to perform password guessing against a list of possible passwords in a file using the (`-Passfile`). As this can be VERY DANGEROUS, Talon has controls in place to pause after a certain amount of attempts (`-A`) for a specified time (`-Lockout`). <b>Please note</b> that it is important to know the password policy before using these options as queueing multiple password attempts can lock out accounts if you do not have the Password policy.
173+
174+
175+
```
176+
./Talon -H 172.16.144.185 -Userfile users -Passfile Passwords -D STARLABS.local -Lockout 45 -A 2 -sleep 1.5
177+
178+
__________ ________ ___ ________ ________
179+
|\___ _\\\ __ \|\ \ |\ __ \|\ ___ \
180+
\|___ \ \_\ \ \|\ \ \ \ \ \ \|\ \ \ \\ \ \
181+
\ \ \ \ \ __ \ \ \ \ \ \\\ \ \ \\ \ \
182+
\ \ \ \ \ \ \ \ \ \____\ \ \\\ \ \ \\ \ \
183+
\ \__\ \ \__\ \__\ \_______\ \_______\ \__\\ \__\
184+
\|__| \|__|\|__|\|_______|\|_______|\|__| \|__|
185+
(@Tyl0us)
186+
187+
188+
[*] Warning: Selection option will spray multiple passwords and risk locking accounts. Do you want to continue? [y/n]: y
189+
190+
03-10-2022 15:58:21: Using password: Password123
191+
[-] 172.16.144.185 STARLABS.LOCAL\admin:Password123 = Failed
192+
[-] 172.16.144.185 STARLABS.LOCAL\ballen:Password123 = Failed
193+
[-] 172.16.144.185 STARLABS.LOCAL\cramon:Password123 = Failed
194+
[-] 172.16.144.185 STARLABS.LOCAL\hwells:Password123 = Failed
195+
[-] 172.16.144.185 STARLABS.LOCAL\ssmith:Password123 = Failed
196+
03-10-2022 15:58:26: Using password: Spring2022
197+
[-] 172.16.144.185 STARLABS.LOCAL\admin:Spring2022 = Failed
198+
[-] 172.16.144.185 STARLABS.LOCAL\ballen:Spring2022 = Failed
199+
[-] 172.16.144.185 STARLABS.LOCAL\cramon:Spring2022 = Failed
200+
[-] 172.16.144.185 STARLABS.LOCAL\hwells:Spring2022 = Failed
201+
[-] 172.16.144.185 STARLABS.LOCAL\ssmith:Spring2022 = Failed
202+
203+
Hit timeout period - Sleeping for 45 minutes...
204+
Will resume at 03-10-2022 16:43:35
205+
```
206+
207+
159208

160209
##### Changelog
161210
* Published on 04/09/2018
162211
* Version 1.2 released 02/14/2019
163212
* Version 1.3 released 05/03/2019
164213
* Version 1.4 released 03/17/2020
165214
* Version 2.0 public relase 06/18/2020
215+
* Version 3.0 relase 03/10/2022

0 commit comments

Comments
 (0)