Metasploit mailing list archives
NTLM/LM Challenge
From: sussurro at happypacket.net (Sussurro)
Date: Thu, 9 Apr 2009 00:14:46 -0400
Hello,

I've been doing some playing with NTLM/LM Challenge hashes, and I built a new module which tries to quietly exploit a trusted site relationship in order to gather NTLM/LM Challenge hashes. The goal of this module is to be pretty quiet, so it is not overly aggressive in trying to get credentials: if the host supports NTLM auth then it will pass it along; if it isn't in the circle of trust, a pop-up will be displayed.

In addition, since I don't think there was a tool to turn a cracked LM Challenge hash into the case-sensitive NTLM pass, I am including a patch to allow the current tools to support challenge hashes.

Feedback is welcome. I haven't done much with Metasploit or Ruby, so if you see something that is way off or can be improved, pass it along.

Thanks!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090409/4f54e4ae/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: challenge_support.diff
Type: text/x-diff
Size: 2053 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090409/4f54e4ae/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: browser_capture_MShash.rb
Type: application/octet-stream
Size: 4016 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090409/4f54e4ae/attachment.obj>
Current thread:
- NTLM/LM Challenge Sussurro (Apr 08)
- load db_sqlite3 error jeffs (Apr 11)
- load db_sqlite3 error Carlos Pérez (Apr 11)
- load db_sqlite3 error Jerome Athias (Apr 11)
- load db_sqlite3 error egypt at metasploit.com (Apr 11)
- load db_sqlite3 error jeffs (Apr 11)
- load db_sqlite3 error jeffs (Apr 11)
- NTLM/LM Challenge Kurt Grutzmacher (Apr 18)