Pass The Hash mod for smb/client.rb

[hdm at metasploit.com (H D Moore)]

Patch merged. LM2/NTLM2 is not yet implemented. Thanks!

-HD


On Wednesday 09 May 2007 02:11, Kurt Grutzmacher wrote:
> MSF3 now supports "Pass The Hash" for those times you need to use
> authentication but you can't crack the hashes. Right now its just
> looking for a password length of 65 characters (lanman:ntlm) so if you
> have a 65 character password then we'll have to figure something else
> out. :)
>
> I've done some limited testing against Windows 2000. The only one that
> didn't work was
> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LMCompatibility
> level set to 5 (LMv2, NTLMv2). It failed with the cleartext password too
> so I guess it hasn't been implemented yet.