[framework] NTLM Type 3 message and Windows Passwd
H D Moore
hdm at metasploit.com
Wed Mar 12 12:38:52 CDT 2008
You can brute force them, but it takes longer than a normal NTLM crack,
because its the output of MD4(CHALLENGE,NTLM(PASSWORD)) (or something
close, its been a while since i looked at the code). In other words, you
can't rainbow table it unless you can force a specific challenge key.
This is what the smb_sniffer module in Metasploit does.
-HD
On Wednesday 12 March 2008, Abhijeet Hatekar wrote:
> Is these responses and NTLM hashes are having some relation?
More information about the Framework
mailing list