acccheck

Check for blank passwords on a target

$ acccheck -t [192.168.1.1]

$ acccheck -t [192.168.1.1] -u [administrator] -P [passwords.txt]

$ acccheck -t [192.168.1.1] -U [users.txt] -P [passwords.txt]

$ acccheck -t [192.168.1.1] -U [users.txt] -P [passwords.txt] -v

acccheck [-t target] [-u user] [-U userfile] [-p pass] [-P passfile] [options]

acccheck is a password dictionary attack tool designed specifically for Windows SMB authentication. It attempts to connect to the Windows IPC$ and ADMIN$ shares using provided credentials to identify valid username/password combinations.
The tool is useful during penetration testing to identify weak or default passwords on Windows systems. It can test single credentials or iterate through wordlists for both usernames and passwords.

-t target

Target IP address or hostname

Single username to test

File containing list of usernames

Single password to test

File containing list of passwords

Windows domain name

Verbose mode (show all attempts)

This tool is intended for authorized security testing only. Unauthorized access attempts are illegal. Account lockout policies may trigger after multiple failed attempts. The tool relies on SMB connectivity (ports 139/445) and may be blocked by firewalls.

acccheck was written by Faisal Dean (Faiz) and released as part of various penetration testing tool collections. It became part of Kali Linux and other security-focused distributions for Windows network security assessments.

smbclient(1), hydra(1), medusa(1), nmap(1)