Skip to content
This repository has been archived by the owner on Aug 7, 2020. It is now read-only.

LDAP-NTLMV1 #136

Closed
D-Hutch opened this issue Sep 6, 2017 · 2 comments
Closed

LDAP-NTLMV1 #136

D-Hutch opened this issue Sep 6, 2017 · 2 comments

Comments

@D-Hutch
Copy link

D-Hutch commented Sep 6, 2017
edited
Loading

HI,
I tested Responder in my org and got the following hash :

test::testdomain:000000000000000000000000000000000000000000000000:A44B9396CE62039A99632E13E5C8B8F80101000000000000646BE9505325D3014F560F72D60C217B0000000002000A0073006D006200310032000100140053004500520056004500520032003000300038000400160073006D006200310032002E006C006F00630061006C0003002C0053004500520056004500520032003000300038002E0073006D006200310032002E006C006F00630061006C000500160073006D006200310032002E006C006F00630061006C0008003000300000000000000000000000002000008D2149B9EA8B826B9EDA0C33F483A937BD9D9CB89DB0F8FE898AAB0E25C004FD0A00100000000000000000000000000000000000090014006C006400610070002F006C00650075006D0069000000000000000000:1122334455667788

it's seems to be output from "ldap.py" and the Responder repersent it as : "[LDAP] NTLMv1 Hash"
but HashID could not recognize it, and hashcat couldn't crack it too,
Maybe the hash format is wrong ?

thank you !
@GGGunrunner
Copy link

I'm not 100% sure if its applicable, but somebody asked similar question on StackExchange, and they confirmed it was a bug:

https://security.stackexchange.com/questions/139957/responder-smbv2-and-cracking

Hope it helps...

@D-Hutch
Copy link
Author

D-Hutch commented Sep 20, 2017

thanks, I later on found lgandx fork that seems to fix the problem .

@D-Hutch D-Hutch closed this as completed Sep 20, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@GGGunrunner @D-Hutch