[framework] Pass The Hash mod for smb/client.rb
H D Moore
hdm at metasploit.com
Wed May 9 07:43:34 CDT 2007
Patch merged. LM2/NTLM2 is not yet implemented. Thanks!
-HD
On Wednesday 09 May 2007 02:11, Kurt Grutzmacher wrote:
> MSF3 now supports "Pass The Hash" for those times you need to use
> authentication but you can't crack the hashes. Right now its just
> looking for a password length of 65 characters (lanman:ntlm) so if you
> have a 65 character password then we'll have to figure something else
> out. :)
>
> I've done some limited testing against Windows 2000. The only one that
> didn't work was
> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LMCompatibility
>level set to 5 (LMv2, NTLMv2). It failed with the cleartext password too
> so I guess it hasn't been implemented yet.
More information about the framework
mailing list