Metasploit mailing list archives
smb_sniffer module question
From: taz00 at tdcadsl.dk (Daniel Rebsdorf)
Date: Sun, 10 Dec 2006 11:09:57 +0100
Luke J skrev:
Heya, I've been writing a tool for utilising windows access tokens once a box has been compromised. One of the first things I have made it do is to connect to a remote IP whilst impersonating each access token in turn, in order to obtain password hashes for accounts that might be domain accounts. It is working fine but I was wondering if the smb_sniffer output format was intended for any particular cracking software. As far as I am aware, John doesn't have the ability to crack challenge/response hashes and I don't think you import them directly into Cain either (though there is the possibility I could be wrong on both counts!!!). I could run a packet sniffer and feed the pcap file into Cain but I figured that the output format of smb_sniffer might have been intended for some cracking software in particular but couldn't find any information on it. Can anyone help? Cheers, Luke
Cain is able to do it.
Current thread:
- smb_sniffer module question Luke J (Dec 10)
- smb_sniffer module question Daniel Rebsdorf (Dec 10)
- smb_sniffer module question Luke J (Dec 10)
- smb_sniffer module question Daniel Rebsdorf (Dec 10)
- smb_sniffer module question H D Moore (Dec 10)
- smb_sniffer module question Luke J (Dec 10)
- smb_sniffer module question Nicolas RUFF (Dec 18)
- smb_sniffer module question Luke J (Dec 10)
- smb_sniffer module question Daniel Rebsdorf (Dec 10)
- smb_sniffer module question Nicolas RUFF (Dec 13)
- smb_sniffer module question Luke J (Dec 11)