Closed IgorMilavec closed 1 year ago
This is something that has been brought up before, right? @troyhunt
@stebet @troyhunt I sent an email about this yesterday. Happy to track progress on this request here. Thanks again!
@stebet @troyhunt Any update here? Unfortunately, I don't have the experience to look at adding in this functionality to this repo. For now, I've taken the monolithic NTLM data from last December and ingested it into an indexed database. I'm consuming that data with a Node.js server application that works identically to the k-anonymity API you're currently providing. However, as this data continues to age, I'm much more interested in being able to query against the live dataset instead using NTLM hash prefixes. Please let us know if this request can move forward and what an ETA might look like. Thanks!
@miztroh I’ve been off on summer vacation lately but me and @troyhunt have discussed this briefly. We’ll go another round and see what comes out of it :)
@stebet OK, great. Thanks for the follow-up!
@stebet Any update here? Thanks!
Any update on this? Would be great to have a way to pull NTLM hashes similar to Version 8 on the HIBP website, so we can run audits against local AD.
This is being worked on :). The downloader will be updated soon as well to support downloading the NTLM hashes.
That's great news, thanks for the update.
Done and delivered! https://www.troyhunt.com/pwned-passwords-adds-ntlm-support-to-the-firehose/
@stebet Thank you so much for your work on this. It's a huge win for my team and I know it will be for others as well!
To download ntlm hashes is there a flag?
Yes! Use -n to download the NTLM hashes.
perfect, thank you very much!
Any chance of providing k-anonymity ranges for NTLM hashes? I think this would be valuable for checking local users' passwords in small AD domains, where downloading the whole corpus is a bit too much.