The readme file

[samiam1086]

Really enjoyed the talk you gave and when I went to try this out I wanted to validate that everything was working nicely but following the readme hashcat fails to crack with the given DES keys. After playing with it the ntlm-to-des converter you have sheds light.

Here is the output if you just follow the readme and echo the ntlm-and-des-converter.py output

If you use ntlm-to-des.py it also includes that you need to wrap the des keys in $HEX[des-key-here] This works and hashcat returns a cracked status for each key

Still a really awesome attack path just needs the "Testing with the des converter" readme section to be updated so im the only one who needs to spend time cursing at hashcat

[evilmog]

Ntlm-and-des-converter wasn't written by me, I'll remove the tool from the repo, ntlm-to-des.py is the correct implementation, I'll update the readme

On Sat, Sep 28, 2024, 16:55 Daniel @.***> wrote:

Really enjoyed the talk you gave and when I went to try this out I wanted to validate that everything was working nicely but following the readme hashcat fails to crack with the given DES keys. After playing with it the ntlm-to-des converter you have sheds light.

Here is the output if you just follow the readme and echo the ntlm-and-des-converter.py output image.png (view on web) https://github.com/user-attachments/assets/06e93009-dd30-414f-a1ef-f38020d01e94 image.png (view on web) https://github.com/user-attachments/assets/691d5694-5f58-4b35-9c02-f2ce4e080632

If you use ntlm-to-des.py it also includes that you need to wrap the des keys in $HEX[des-key-here] image.png (view on web) https://github.com/user-attachments/assets/9dae1489-ed7b-490b-8956-a9d7cff969f2 This works and hashcat returns a cracked status for each key image.png (view on web) https://github.com/user-attachments/assets/01de0429-f44b-4086-a3b5-9a23682fc0e8

Still a really awesome attack path just needs the "Testing with the des converter" readme section to be updated so im the only one who needs to spend time cursing at hashcat

— Reply to this email directly, view it on GitHub https://github.com/evilmog/ntlmv1-multi/issues/14, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAZBQUWMTT736PU2M6DWEWLZY4XULAVCNFSM6AAAAABPBAIZQWVHI2DSMVQWIX3LMV43ASLTON2WKOZSGU2TINJUHE4DAOA . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[evilmog]

Really enjoyed the talk you gave and when I went to try this out I wanted to validate that everything was working nicely but following the readme hashcat fails to crack with the given DES keys. After playing with it the ntlm-to-des converter you have sheds light.

Here is the output if you just follow the readme and echo the ntlm-and-des-converter.py output

If you use ntlm-to-des.py it also includes that you need to wrap the des keys in $HEX[des-key-here] This works and hashcat returns a cracked status for each key

Still a really awesome attack path just needs the "Testing with the des converter" readme section to be updated so im the only one who needs to spend time cursing at hashcat

I corrected the readme, please review

[samiam1086]

Looks like it shows up in three places you got the one in the "NTLM hash to DES Key Converter for data validation testing" section but the one in the "NTLMv1 without ESS" section is still there and the one in the "NTLMv1 with ESS" section.

[evilmog]

Sorry about that, I'll take care of that tonight, I'll ping when done

On Thu, Oct 3, 2024, 15:49 Daniel @.***> wrote:

Looks like it shows up in three places you got the one in the "NTLM hash to DES Key Converter for data validation testing" section but the one in the "NTLMv1 without ESS" section is still there and the one in the "NTLMv1 with ESS" section.

— Reply to this email directly, view it on GitHub https://github.com/evilmog/ntlmv1-multi/issues/14#issuecomment-2392401320, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAZBQUXKYVQZOQUMSQINENTZZW3YHAVCNFSM6AAAAABPBAIZQWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGOJSGQYDCMZSGA . You are receiving this because you commented.Message ID: @.***>