Metasploit mailing list archives
smb_sniffer module question
From: 0xlukej at gmail.com (Luke J)
Date: Sun, 10 Dec 2006 10:35:11 +0000
Cain is able to do what? Crack LM/NTLM challenge/response hashes? If so, I am aware of that or do you mean Cain is able to import the smb_sniffer output somehow? In addition, I have been testing sniffing with Cain to intercept the LM/NTLM challenge/response hashes as they are sent to smb_sniffer. However, it seems to have real difficult picking them up. Often it doesn't detect them at all. However, it is very reliable when sniffing LM/NTLM connections to an actual windows box. Anybody know if this is a problem with smb_sniffer? Cheers, Luke Daniel Rebsdorf wrote:
Luke J skrev:Heya, I've been writing a tool for utilising windows access tokens once a box has been compromised. One of the first things I have made it do is to connect to a remote IP whilst impersonating each access token in turn, in order to obtain password hashes for accounts that might be domain accounts. It is working fine but I was wondering if the smb_sniffer output format was intended for any particular cracking software. As far as I am aware, John doesn't have the ability to crack challenge/response hashes and I don't think you import them directly into Cain either (though there is the possibility I could be wrong on both counts!!!). I could run a packet sniffer and feed the pcap file into Cain but I figured that the output format of smb_sniffer might have been intended for some cracking software in particular but couldn't find any information on it. Can anyone help? Cheers, LukeCain is able to do it.
Current thread:
- smb_sniffer module question Luke J (Dec 10)
- smb_sniffer module question Daniel Rebsdorf (Dec 10)
- smb_sniffer module question Luke J (Dec 10)
- smb_sniffer module question Daniel Rebsdorf (Dec 10)
- smb_sniffer module question H D Moore (Dec 10)
- smb_sniffer module question Luke J (Dec 10)
- smb_sniffer module question Nicolas RUFF (Dec 18)
- smb_sniffer module question Luke J (Dec 10)
- smb_sniffer module question Daniel Rebsdorf (Dec 10)
- smb_sniffer module question Nicolas RUFF (Dec 13)
- smb_sniffer module question Luke J (Dec 11)