Metasploit mailing list archives
Pass The Hash mod for smb/client.rb
From: hdm at metasploit.com (H D Moore)
Date: Wed, 9 May 2007 07:43:34 -0500
Patch merged. LM2/NTLM2 is not yet implemented. Thanks! -HD On Wednesday 09 May 2007 02:11, Kurt Grutzmacher wrote:
MSF3 now supports "Pass The Hash" for those times you need to use authentication but you can't crack the hashes. Right now its just looking for a password length of 65 characters (lanman:ntlm) so if you have a 65 character password then we'll have to figure something else out. :) I've done some limited testing against Windows 2000. The only one that didn't work was HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LMCompatibility level set to 5 (LMv2, NTLMv2). It failed with the cleartext password too so I guess it hasn't been implemented yet.
Current thread:
- Pass The Hash mod for smb/client.rb Kurt Grutzmacher (May 09)
- Pass The Hash mod for smb/client.rb H D Moore (May 09)