Is it possible to get a login and NTLM?

TalAloni / SMBLibrary

Free, Open Source, User-Mode SMB 1.0/CIFS, SMB 2.0, SMB 2.1 and SMB 3.0 server and client library

GNU Lesser General Public License v3.0

733 stars 185 forks source link

Is it possible to get a login and NTLM? #229

Closed nvd05 closed 1 year ago

nvd05 commented 1 year ago

Hello, @TalAloni Could you please tell me if it is possible to get login and NTLM during authorization?

(There are sites that can decode this string based on their database. Of course, they may not decode every combination as the database is limited, but it's better than nothing).

TalAloni commented 1 year ago

Username can be obtained but NTLM credentials were specifically designed to prevent decoding. the same password will be encoded to a different value in each login attempt.

nvd05 commented 1 year ago

For some reason, sites like https://md5decrypt.net/en/Ntlm/#answer produce the same result for the same string.

I will check the code that results from Windows coding later.

TalAloni commented 1 year ago

Producing the same result for the same string happen only for NTLM v1 which is not used these days. it was replaced by NTLM v2

nvd05 commented 1 year ago

Thank you for the information.