Metasploit mailing list archives

smb_sniffer - redux


From: grutz at jingojango.net (Kurt Grutzmacher)
Date: Tue, 24 Apr 2007 23:52:47 -0500

Today I spent some time poking around the old 2.7 code base and
remembered the smb_sniffer.pm module. Then I remembered
www.freerainbowtables.com had put out their halflmchall tables! Hooray!

I tweaked some of the code to output a Cain and Abel friendly output and
use the challenge key of 0x1122334455667788 and put it up on
http://grutz.jingojango.net/exploits/smb_sniffer.pm (also attached)

Plus a blog post.. :P  for posterity.

http://grutztopia.jingojango.net/2007/04/ntlmv1-metasploit-and-you.html

I shudder at migrating this code to ruby/msf3 however so I know I'll
keep 2.7 around for a little while longer.


-- 
                 ..:[ grutz at jingojango dot net ]:..
     GPG fingerprint: 5FD6 A27D 63DB 3319 140F  B3FB EC95 2A03 8CB3 ECB4
        "There's just no amusing way to say, 'I have a CISSP'."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smb_sniffer.pm
Type: text/x-perl
Size: 13790 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20070424/7a1ab1bf/attachment.pm>