
Password Auditing & Password Bruteforcing

Question asked by Joseph Arenas on Apr 10, 2019

Hi,


I would like to better understand the workflow around which the specific feature works.
My idea of password bruteforcing is that:
- It has different levels (as per public documentation)
- It bruteforces actual logins (login attempts will be recorded by Windows)
- It can only bruteforce local Windows accounts
- You can have your own list by having a list similar to this:
      L: Administrator
      P: password
- Scanning a domain controller will bruteforce all user accounts


However, can I have a list with a domain specified?
     L: DOMAINA\user01
     P: password

Can someone give me a better idea of the limitations and actual workflow of this feature?


My idea of password auditing via PC is that:
- The dissolvable agent will access password hashes and compare them to the given passwords
- It has three levels as well, the last being able to create a custom list
- The list is just a list of passwords:
      password1
      password2
      password3


Can I use this to audit domain accounts on a domain controller?
Does this only apply to local Windows accounts?
What is the workflow behind this?


Links to references so you won't have to:

https://qualysguard.qualys.com/qwebhelp/fo_portal/module_pc/scan/password_auditing.htm

https://qualysguard.qualys.com/qwebhelp/fo_portal/brute_forcing/win_configure_brute_forcing.htm

https://community.qualys.com/docs/DOC-1092
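As an added example (not Qualys code and not part of the original post), the script below checks the two list formats the question describes before they are submitted to a scanner: the "L: login" / "P: password" pairs used for bruteforcing and the one-password-per-line list used for auditing. The pair format and the plain list come from the post; everything else (blank lines being ignored, whitespace after the "L:"/"P:" tag being trimmed, a "DOMAIN\user" login being something to flag rather than accept or reject) is an assumption, since whether the scanner honours a domain prefix is exactly the open question.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed: a login may be written as DOMAIN\user. Whether the scanner honours
# the prefix is unknown (it is the poster's question), so it is only reported.
_DOMAIN_LOGIN = re.compile(r"^(?P<domain>[^\\\s]+)\\(?P<user>.+)$")


@dataclass
class Credential:
    login: str              # login exactly as written in the list
    password: str
    domain: Optional[str]   # "DOMAINA" for DOMAINA\user01, else None
    user: str               # login with any DOMAIN\ prefix removed


def parse_login_password_list(text: str) -> Tuple[List[Credential], List[str]]:
    """Parse 'L: <login>' / 'P: <password>' pairs.

    Blank lines are ignored (assumption). Returns (credentials, warnings);
    warnings cover orphaned L:/P: lines, unknown lines and domain-qualified logins.
    """
    creds: List[Credential] = []
    warnings: List[str] = []
    pending_login: Optional[str] = None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line.startswith("L:"):
            if pending_login is not None:
                warnings.append(f"line {lineno}: login {pending_login!r} has no P: line")
            pending_login = line[2:].strip()
        elif line.startswith("P:"):
            if pending_login is None:
                warnings.append(f"line {lineno}: P: line without a preceding L: line")
                continue
            password = line[2:].strip()
            m = _DOMAIN_LOGIN.match(pending_login)
            domain = m.group("domain") if m else None
            user = m.group("user") if m else pending_login
            if domain:
                warnings.append(
                    f"line {lineno}: {pending_login!r} is domain-qualified; "
                    "confirm the scanner accepts DOMAIN\\user logins"
                )
            creds.append(Credential(pending_login, password, domain, user))
            pending_login = None
        else:
            warnings.append(f"line {lineno}: unrecognised line {line!r}")
    if pending_login is not None:
        warnings.append(f"end of file: login {pending_login!r} has no P: line")
    return creds, warnings


def parse_password_list(text: str) -> Tuple[List[str], List[str]]:
    """One candidate password per line (audit list). Blank lines are skipped
    and exact duplicates are dropped with a warning; order is preserved."""
    seen = set()
    passwords: List[str] = []
    warnings: List[str] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        pw = raw.strip()
        if not pw:
            continue
        if pw in seen:
            warnings.append(f"line {lineno}: duplicate password {pw!r} skipped")
            continue
        seen.add(pw)
        passwords.append(pw)
    return passwords, warnings


# Constructed sample inputs mirroring the lists in the question, plus one
# orphaned P: line and one duplicate password to exercise the warnings.
SAMPLE_PAIRS = """\
L: Administrator
P: password

L: DOMAINA\\user01
P: password
P: orphan
"""

SAMPLE_PASSWORDS = "password1\npassword2\n\npassword3\npassword2\n"

if __name__ == "__main__":
    creds, warns = parse_login_password_list(SAMPLE_PAIRS)
    for c in creds:
        print(f"{c.login:<20} domain={c.domain!r:<10} user={c.user!r}")
    for w in warns:
        print("WARNING:", w)
    pws, warns = parse_password_list(SAMPLE_PASSWORDS)
    print("audit candidates:", pws)
    for w in warns:
        print("WARNING:", w)
```

Running it on the constructed sample reports the two parsed credentials, a warning that DOMAINA\user01 is domain-qualified, a warning for the orphaned "P: orphan" line, and a single duplicate warning for the audit list.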
