p0dalirius / sectools

A Python native library containing lots of useful functions to write efficient scripts to hack stuff.
https://podalirius.net/
GNU General Public License v3.0
32 stars 6 forks source link

[bug] Error when parsing hashes in sectools/windows/crypto.py #9

Closed LightxR closed 3 months ago

LightxR commented 3 months ago

I encounter some error while playing with ldapconsole (which uses parse_lm_nt_hashes function from sectools)

crypto

It looks like the function can't handle the hash when provided in lm:nt format

Looking at the code, we can simply it a little bit and add an else condition :

def parse_lm_nt_hashes(lm_nt_hashes_string):
    lm_hash_value, nt_hash_value = "", ""
    if lm_nt_hashes_string is not None:
        matched = re.match("([0-9a-f]{32})?(:)?([0-9a-f]{32})?", lm_nt_hashes_string.strip().lower())
        m_lm_hash, _, m_nt_hash = matched.groups()
        if m_lm_hash is None and m_nt_hash is not None:
            lm_hash_value = "aad3b435b51404eeaad3b435b51404ee"
            nt_hash_value = m_nt_hash
        elif m_lm_hash is not None and m_nt_hash is None:
            lm_hash_value = m_lm_hash
            nt_hash_value = nt_hash("")
        else:
            lm_hash_value = m_lm_hash
            nt_hash_value = m_nt_hash
    return lm_hash_value, nt_hash_value

Now, with this modification, it works 👍

crypto2

Thanks for your work and awesome tools :)

p0dalirius commented 3 months ago

Thank you !