yanncam / ShuckNT

ShuckNT is the script behind the Shuck.sh online service, packaged for on-premise use. It is designed to downgrade, convert, dissect and shuck authentication tokens based on the Data Encryption Standard (DES).
https://shuck.sh
GNU General Public License v3.0

Not showing NT hash for generated NTLMv1 challenge #1

Closed IcyCommand closed 1 year ago

IcyCommand commented 1 year ago

Hi,

I have tested this with a weak NT hash (Password) and generated the NTLMv1 challenge on shuck.sh; however, this doesn't list the NT hash, it only listed ****FF. If I try the same hash with the online shucker, this works. I have a single NT hash in a text file, appended the ":1" as HIBP uses, reversed the hash and sorted it. When running the tool it shows 1 candidate it loaded but does reveal the NT hash.

yanncam commented 1 year ago

Hello @IcyCommand,

Thank you very much for this issue! I managed to reproduce the problem.

This is not a problem with the ShuckNT engine itself (since it is exactly this script that is used on the online shuck.sh version), but a wordlist problem.

The problem occurs when the NT-hash wordlist is "too small". In your case, you created a wordlist with only a single value A4F49C406510BDCAB6824EE7C30FD852:1 and that is what causes the problem in the dichotomous binary search algorithm.

As soon as you enlarge the wordlist, this search works.

You can try for yourself, I generated a wordlist with 5 NT-hashes:

password:8846F7EAEE8FB117AD06BDD830B7586C
Password:A4F49C406510BDCAB6824EE7C30FD852
PASSWORD:7B592E4F8178B4C75788531B2E747687
Passw0rd:A87F3A337D73085C45F9416BE5787D86
passw0rd:B9F917853E3DBF6E6831ECCE60725930

So my wordlist.txt became:

8846F7EAEE8FB117AD06BDD830B7586C:1
A4F49C406510BDCAB6824EE7C30FD852:1
7B592E4F8178B4C75788531B2E747687:1
A87F3A337D73085C45F9416BE5787D86:1
B9F917853E3DBF6E6831ECCE60725930:1

I reverse, sort and binarize this wordlist:

php shucknt.php -r wordlist.txt
sort wordlist.txt-reversed -o wordlist.txt-reversed-sorted
php shucknt.php -b wordlist.txt-reversed-sorted

Now, I have the final wordlist wordlist.txt-reversed-sorted.bin and I try to shuck a Net-NTLMv1 of Password like you:

php shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
        [USERNAME] user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] DC4B4952DD6066FE
        [NTHASH-SHUCKED] A4F49C406510BDCAB6824EE7C30FD852
                [HIBP-CANDIDATES] 1
                [HIBP-OCCURENCE] 1
                [PT1] A4F49C406510BD
                [PT2] CAB6824EE7C30F
                [PT3] D852
                [K1] A57B27890729437B
                [K2] CB5BA149EF3F0D1F
                [K3] D929810101010101
        [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
        [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L2FI=

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free

It works with this 5-line wordlist!

But if I delete the last NT-hash (B9F917853E3DBF6E6831ECCE60725930:1):

php shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 1 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
        [USERNAME] user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] DC4B4952DD6066FE
        [NTHASH-SHUCKED] ****************************D852
                [HIBP-CANDIDATES] 0
                [HIBP-OCCURENCE] 0
                [PT1]
                [PT2]
                [PT3] D852
                [K1]
                [K2]
                [K3] D929810101010101
        [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
        [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L2FI=

1 hashes-challenges analyzed in 1 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

It doesn't work even if the right NT-hash is in the wordlist:

$ cat wordlist.txt
8846F7EAEE8FB117AD06BDD830B7586C:1
A4F49C406510BDCAB6824EE7C30FD852:1
7B592E4F8178B4C75788531B2E747687:1
A87F3A337D73085C45F9416BE5787D86:1

So thank you, it is indeed a bug in the tool when the wordlists are too small.

I will look into fixing this bug as soon as possible.

Until then, I encourage you to use a substantial wordlist, like the HIBP one, or the darkc0de / rockyou converted to NT-hash for example.

Sincerely,

yanncam commented 1 year ago

Ok, so I dug into this problem and the code, and I have some new elements.

In reality, this is the very first NT-hash of the wordlist used which, as it stands, cannot be found via the Shuck engine (ShuckNT on-premise or Shuck.sh online, since it is the same engine).

So, in your example, if you create your own wordlist with a single NT-hash in it, it cannot be found.

If I use the wordlist :

A4F49C406510BDCAB6824EE7C30FD852:1

It doesn't work as you said.

If I cheat and add another NT-hash in the wordlist, which once reversed / sorted / binarized, places it at the top, then it works:

00000000000000000000000000000000:0
A4F49C406510BDCAB6824EE7C30FD852:1

There is the same problem with the HaveIBeenPwned wordlist. The very first hash of the HIBP-reversed-sorted-binarized wordlist is this one:

00000008d597fb5aed42b0e7415bf649:18 (already reversed)

So this kind of Net-NTLMv1 generated from this NT-hash is never found, neither by ShuckNT+HIBP nor by Shuck.sh online:

user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:87F56359AD689A25A676E7A183D141F3EFE380D08846B9FC:1234567812345678

The offending function is getHashNTCandidates() and in particular this section:

[...]
            if($start === $mid || $end === $mid){ // Positionned to the hash before
                fseek($fp, $mid+$byteLength); // Go down 1 hash+occurence
                $start = $mid+$byteLength;
                while(1){
                    $extract = fread($fp, $hashLength);
                    $occurenceHash = hexdec(bin2hex(fread($fp, $hashPrefixLength)));
                    $hashExtract = strval(strtoupper(bin2hex($extract)));
                    $hashPrefixExtract = substr($hashExtract, 0, 4);
                    if(strcmp(strval($hashPrefixExtract), strval($reversect3toNTLM)) === 0){
                        $output[] = array(  "occurence" => intval($occurenceHash),
                                    "des01" => ntlm2des(substr(strtoupper(strrev($hashExtract)), 0, 14)),
                                    "des02" => ntlm2des(substr(strtoupper(strrev($hashExtract)), 14, 14)),
                                );
                        $start += $byteLength;
                    } else break;
                }
                break;
            }
[...]

The // Go down 1 hash+occurence instruction is needed to get all the right NT-hash candidates for every NT-hash except the very first one...

I will continue to test to find a clean way to correct this problem without impacting overall performance and ensuring that the very first NT-hash is verified as well.

Thanks again for this interesting issue :) !

yanncam commented 1 year ago

Ok, so, I preferred not to touch the optimized dichotomous binary search function, so I applied a fix by forcing the addition of a very first NT-hash 00000000000000000000000000000000:0 in the inverted-sorted-binarized wordlist generated by the tool.

This very first NT-hash is automatically placed at the very beginning of the final formatted wordlist which is used by the tool, and this corrects the problem.

The commit is: https://github.com/yanncam/ShuckNT/commit/c63176152f0d81cf5069bbbfd668129c92e1bcd7

Could you get the latest version of the tool and retest on your side to check that everything is OK?
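
To make the off-by-one concrete, here is an added example (my own Python, not code from this thread or from ShuckNT) that builds the binary wordlist in the 20-byte-per-record layout read off the xxd dumps in this thread (16 bytes of the reversed NT-hash, then a 4-byte big-endian occurrence count), then looks up candidates by PT3 in two ways: a search that mimics the behaviour described above (position on the record before the first match, step one record down, scan forward), which is my reconstruction of that behaviour rather than the PHP code, and a plain lower-bound search. The hashes are the five from this thread; the sentinel record is the all-zero one the fix prepends.

```python
import struct

# Record layout read off the xxd dumps in this thread: 16 bytes holding the
# *reversed* NT-hash (hex string reversed, then hex-decoded) followed by a
# 4-byte big-endian occurrence count; 20 bytes per record, no file header.
RECORD = struct.Struct(">16sI")

# The five NT-hashes used in this thread (password, Password, PASSWORD,
# Passw0rd, passw0rd) in HIBP "HASH:count" form.
THREAD_WORDLIST = [
    "8846F7EAEE8FB117AD06BDD830B7586C:1",
    "A4F49C406510BDCAB6824EE7C30FD852:1",
    "7B592E4F8178B4C75788531B2E747687:1",
    "A87F3A337D73085C45F9416BE5787D86:1",
    "B9F917853E3DBF6E6831ECCE60725930:1",
]

def reverse_hex(nt_hash: str) -> str:
    """Character-wise reversal of the hex string (shucknt.php -r): PT3, the last
    two bytes of the NT-hash, becomes the leading two bytes, so a sorted file keeps
    every hash sharing a PT3 in one contiguous run."""
    return nt_hash.strip().upper()[::-1]

def binarize(lines, sentinel: bool) -> bytes:
    """Reverse, sort and pack HASH:count lines (the -r / sort / -b pipeline).
    sentinel=True prepends the all-zero record (00..00:0) that the fix adds."""
    records = []
    for line in lines:
        h, _, count = line.strip().partition(":")
        if h:
            records.append((bytes.fromhex(reverse_hex(h)), int(count or 0)))
    records.sort()
    blob = bytearray()
    if sentinel:
        blob += RECORD.pack(b"\x00" * 16, 0)
    for rev, count in records:
        blob += RECORD.pack(rev, count)
    return bytes(blob)

def _prefix(blob: bytes, i: int) -> bytes:
    """First two bytes of record i, i.e. the reversed PT3."""
    return blob[i * RECORD.size : i * RECORD.size + 2]

def _scan(blob: bytes, start: int, target: bytes):
    """Collect (NT-hash, count) for consecutive records whose prefix equals target."""
    n = len(blob) // RECORD.size
    found, i = [], start
    while i < n and _prefix(blob, i) == target:
        rev, count = RECORD.unpack_from(blob, i * RECORD.size)
        if count:  # the all-zero sentinel has count 0 and is not a real candidate
            found.append((rev.hex().upper()[::-1], count))
        i += 1
    return found

def candidates_as_in_thread(blob: bytes, pt3: str):
    """Mimics the search described above: binary-search to the record *before* the
    first possible match, then "go down 1 hash+occurence" and scan forward. When the
    first matching record is record 0 there is no record before it, but the search
    still steps down one record, so record 0 is never examined."""
    target = bytes.fromhex(pt3[::-1])
    lo, hi = 0, len(blob) // RECORD.size - 1
    while lo < hi:  # last record with prefix < target (or record 0 if none)
        mid = (lo + hi + 1) // 2
        if _prefix(blob, mid) < target:
            lo = mid
        else:
            hi = mid - 1
    return _scan(blob, lo + 1, target)

def candidates_lower_bound(blob: bytes, pt3: str):
    """Textbook lower_bound: first record with prefix >= target, then scan. Record 0
    is examined like any other, so no sentinel record is required."""
    target = bytes.fromhex(pt3[::-1])
    lo, hi = 0, len(blob) // RECORD.size
    while lo < hi:
        mid = (lo + hi) // 2
        if _prefix(blob, mid) < target:
            lo = mid + 1
        else:
            hi = mid
    return _scan(blob, lo, target)

if __name__ == "__main__":
    four = THREAD_WORDLIST[:4]  # drop passw0rd, as in the thread
    for label, blob in [("5 hashes", binarize(THREAD_WORDLIST, False)),
                        ("4 hashes", binarize(four, False)),
                        ("4 hashes + sentinel", binarize(four, True))]:
        print(label, candidates_as_in_thread(blob, "D852"),
              candidates_lower_bound(blob, "D852"))
```

The mimicking search fails on the 4-hash list exactly as reported (the wanted hash sits in record 0 once passw0rd is removed), succeeds as soon as a smaller record or the sentinel sits above it, and the lower-bound variant succeeds either way: the sentinel is a wordlist-side workaround for a search that never looks at record 0.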

IcyCommand commented 1 year ago

Hi,

Thanks for looking into this! It doesn't appear that the fix is working for me. I can see the additional row is being added to the .bin file, as the number of hash candidates has increased from 5 to 6. I have tried with the example you have provided; however, when I run the tool I am getting "1 hash challenge analyzed, with 0 NT-hash instantly broken"

Hash Candidates: 6

Wordlist.txt

8846F7EAEE8FB117AD06BDD830B7586C:1
A4F49C406510BDCAB6824EE7C30FD852:1
7B592E4F8178B4C75788531B2E747687:1
A87F3A337D73085C45F9416BE5787D86:1
B9F917853E3DBF6E6831ECCE60725930:1
php shucknt.php -r wordlist.txt
sort wordlist.txt-reversed -o wordlist.txt-reversed-sorted
php shucknt.php -b wordlist.txt-reversed-sorted
php shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j

yanncam commented 1 year ago

Uh !? It's weird because it works for me:

$ mkdir /tmp/shuck/
$ cd /tmp/shuck/
$ git clone https://github.com/yanncam/ShuckNT # Get latest version of ShuckNT with the commit of this night
$ cd ShuckNT
$ cat >wordlist.txt <<EOL
8846F7EAEE8FB117AD06BDD830B7586C:1
A4F49C406510BDCAB6824EE7C30FD852:1
7B592E4F8178B4C75788531B2E747687:1
A87F3A337D73085C45F9416BE5787D86:1
B9F917853E3DBF6E6831ECCE60725930:1
EOL
$ php shucknt.php -r wordlist.txt
$ sort wordlist.txt-reversed -o wordlist.txt-reversed-sorted
$ php shucknt.php -b wordlist.txt-reversed-sorted
$ php shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
        [USERNAME] user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] DC4B4952DD6066FE
        [NTHASH-SHUCKED] A4F49C406510BDCAB6824EE7C30FD852
                [HIBP-CANDIDATES] 1
                [HIBP-OCCURENCE] 1
                [PT1] A4F49C406510BD
                [PT2] CAB6824EE7C30F
                [PT3] D852
                [K1] A57B27890729437B
                [K2] CB5BA149EF3F0D1F
                [K3] D929810101010101
        [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
        [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L2FI=

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

It works for me like a charm :) !

If you want to compare wordlist generation:

$ cat wordlist.txt
8846F7EAEE8FB117AD06BDD830B7586C:1
A4F49C406510BDCAB6824EE7C30FD852:1
7B592E4F8178B4C75788531B2E747687:1
A87F3A337D73085C45F9416BE5787D86:1
B9F917853E3DBF6E6831ECCE60725930:1
$ cat wordlist.txt-reversed
C6857B038DDB60DA711BF8EEAE7F6488:1
258DF03C7EE4286BACDB015604C94F4A:1
786747E2B13588757C4B8718F4E295B7:1
68D7875EB6149F54C58037D733A3F78A:1
03952706ECCE1386E6FBD3E358719F9B:1
$ cat wordlist.txt-reversed-sorted
03952706ECCE1386E6FBD3E358719F9B:1
258DF03C7EE4286BACDB015604C94F4A:1
68D7875EB6149F54C58037D733A3F78A:1
786747E2B13588757C4B8718F4E295B7:1
C6857B038DDB60DA711BF8EEAE7F6488:1
$ xxd wordlist.txt-reversed-sorted.bin
00000000: 0000 0000 0000 0000 0000 0000 0000 0000  ................
00000010: 0000 0000 0395 2706 ecce 1386 e6fb d3e3  ......'.........
00000020: 5871 9f9b 0000 0001 258d f03c 7ee4 286b  Xq......%..<~.(k
00000030: acdb 0156 04c9 4f4a 0000 0001 68d7 875e  ...V..OJ....h..^
00000040: b614 9f54 c580 37d7 33a3 f78a 0000 0001  ...T..7.3.......
00000050: 7867 47e2 b135 8875 7c4b 8718 f4e2 95b7  xgG..5.u|K......
00000060: 0000 0001 c685 7b03 8ddb 60da 711b f8ee  ......{...`.q...
00000070: ae7f 6488 0000 0001                      ..d.....

Keep me informed,

IcyCommand commented 1 year ago

Hi, thanks again. Very strange, it looks like the binary files match. I'm going to try with a fresh install of the tool and will update.

user1@ubuntu-01:/var/www/html$ xxd pwned-passwords-ntlm-reversed-ordered-by-hash-v8.bin 
00000000: 0000 0000 0000 0000 0000 0000 0000 0000  ................
00000010: 0000 0000 0395 2706 ecce 1386 e6fb d3e3  ......'.........
00000020: 5871 9f9b 0000 0001 258d f03c 7ee4 286b  Xq......%..<~.(k
00000030: acdb 0156 04c9 4f4a 0000 0001 68d7 875e  ...V..OJ....h..^
00000040: b614 9f54 c580 37d7 33a3 f78a 0000 0001  ...T..7.3.......
00000050: 7867 47e2 b135 8875 7c4b 8718 f4e2 95b7  xgG..5.u|K......
00000060: 0000 0001 c685 7b03 8ddb 60da 711b f8ee  ......{...`.q...
00000070: ae7f 6488 0000 0001                      ..d.....
user1@ubuntu-01:/var/www/html$ php shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
    [USERNAME] user
    [DOMAIN] domain.tld
    [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
    [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [CT1] 86ECC270DC8082A7
        [CT2] AC99A02347DAFD0B
        [CT3] 1D7DA1AD492AFF19
    [ESS] YES
        [CLIENTCHALL] 1234567812345678
        [SERVERCHALL] DEADC0DEDEADC0DE
    [CHALLENGE] DC4B4952DD6066FE
    [NTHASH-SHUCKED] ****************************FFFF
        [HIBP-CANDIDATES] 0
        [HIBP-OCCURENCE] 0
        [PT1] 
        [PT2] 
        [PT3] FFFF
        [K1] 
        [K2] 
        [K3] FFFFC10101010101
    [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
    [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
    [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
    [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
    [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L//8=

1 hashes-challenges analyzed in 0 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

IcyCommand commented 1 year ago

I've followed the below steps but still get the same issue

$ mkdir /tmp/shuck/
$ cd /tmp/shuck/
$ git clone https://github.com/yanncam/ShuckNT # Get latest version of ShuckNT with the commit of this night
$ cd ShuckNT
$ cat >wordlist.txt <<EOL
8846F7EAEE8FB117AD06BDD830B7586C:1
A4F49C406510BDCAB6824EE7C30FD852:1
7B592E4F8178B4C75788531B2E747687:1
A87F3A337D73085C45F9416BE5787D86:1
B9F917853E3DBF6E6831ECCE60725930:1
EOL
$ php shucknt.php -r wordlist.txt
$ sort wordlist.txt-reversed -o wordlist.txt-reversed-sorted
$ php shucknt.php -b wordlist.txt-reversed-sorted
$ php shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j
1 hashes-challenges analyzed in 0 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
    [USERNAME] user
    [DOMAIN] domain.tld
    [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
    [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [CT1] 86ECC270DC8082A7
        [CT2] AC99A02347DAFD0B
        [CT3] 1D7DA1AD492AFF19
    [ESS] YES
        [CLIENTCHALL] 1234567812345678
        [SERVERCHALL] DEADC0DEDEADC0DE
    [CHALLENGE] DC4B4952DD6066FE
    [NTHASH-SHUCKED] ****************************FFFF
        [HIBP-CANDIDATES] 0
        [HIBP-OCCURENCE] 0
        [PT1] 
        [PT2] 
        [PT3] FFFF
        [K1] 
        [K2] 
        [K3] FFFFC10101010101
    [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
    [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
    [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
    [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
    [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L//8=

1 hashes-challenges analyzed in 0 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

This is the full output

user1@ubuntu-01:~$ mkdir /tmp/shuck/
user1@ubuntu-01:~$ cd /tmp/shuck/
user1@ubuntu-01:/tmp/shuck$ git clone https://github.com/yanncam/ShuckNT
Cloning into 'ShuckNT'...
remote: Enumerating objects: 34, done.
remote: Counting objects: 100% (34/34), done.
remote: Compressing objects: 100% (33/33), done.
remote: Total 34 (delta 16), reused 0 (delta 0), pack-reused 0
Receiving objects: 100% (34/34), 34.13 KiB | 1.07 MiB/s, done.
Resolving deltas: 100% (16/16), done.
user1@ubuntu-01:/tmp/shuck$ cd ShuckNT/
user1@ubuntu-01:/tmp/shuck/ShuckNT$ cat >wordlist.txt <<EOL
> 8846F7EAEE8FB117AD06BDD830B7586C:1
A4F49C406510BDCAB6824EE7C30FD852:1
7B592E4F8178B4C75788531B2E747687:1
A87F3A337D73085C45F9416BE5787D86:1
B9F917853E3DBF6E6831ECCE60725930:1
> EOL
user1@ubuntu-01:/tmp/shuck/ShuckNT$ cat wordlist.txt 
8846F7EAEE8FB117AD06BDD830B7586C:1
A4F49C406510BDCAB6824EE7C30FD852:1
7B592E4F8178B4C75788531B2E747687:1
A87F3A337D73085C45F9416BE5787D86:1
B9F917853E3DBF6E6831ECCE60725930:1
user1@ubuntu-01:/tmp/shuck/ShuckNT$ php shucknt.php -r wordlist.txt
 __ _                _        __  _____
/ _\ |__  _   _  ___| | __ /\ \ \/__   \
\ \| '_ \| | | |/ __| |/ //  \/ /  / /\/
_\ \ | | | |_| | (__|   </ /\  /  / /
\__/_| |_|\__,_|\___|_|\_\_\ \/   \/  v1.0
DES-based authentication token shucker (https://shuck.sh)
@author : ycam | @asafety.fr / @yann.cam

ShuckNT is design to dowgrade, convert, dissect and shuck authentication token based on Data Encryption Standard (DES).
Algorithms / formats supported :
        - NetNTLMv1(-ESS/SSP)
        - MSCHAPv2
        - NET(NT)LM
        - (LM|NT)HASH
        - PPTP-VPN $99$
        - All with any challenge value!

ShuckNT rely on "hash shucking" principle to optimize challenge-response cracking and exploitability.

From a list of input tokens, ShuckNT provides :
- The NT-hash instantly (pass-the-hash ready) through a smart-research in the HaveIBeenPwned latest database (if present);
- The Crack.Sh ready-to-use optimized token, to pay less or nothing if NT-hash not found in HIBP-DB;
- Several converted formats to try to crack them via other tools (hashcat, jtr, CloudCracker, etc.) :
        - Hashcat mode 5500 : to crack NetNTLMv1 to plaintext (unpredictable result, depend on wordlists, masks, rules...);
        - Hashcat mode 27000: to shuck NetNTLMv1 to NT-hash (unpredictable result / depend on NT-wordlists...);
        - Hashcat mode 14000: to shuck NetNTLMv1 to DES-keys then NT-hash (100% result / time needed);
- All the details of the dissection of the challenge-response (PT1/2/3, K1/2/3, CT1/2/3, HIBP occurences/candidates, LMresp, NTresp, challenges, etc.).

Use '-h' to print help.

[*] Start of hash reversal processing...
[+] Process completed in 0 second(s)!
user1@ubuntu-01:/tmp/shuck/ShuckNT$ sort wordlist.txt-reversed -o wordlist.txt-reversed-sorted
user1@ubuntu-01:/tmp/shuck/ShuckNT$ php shucknt.php -b wordlist.txt-reversed-sorted
[*] Starting the database binarization...
[+] Process completed in 0 second(s)!
user1@ubuntu-01:/tmp/shuck/ShuckNT$ php shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
    [USERNAME] user
    [DOMAIN] domain.tld
    [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
    [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [CT1] 86ECC270DC8082A7
        [CT2] AC99A02347DAFD0B
        [CT3] 1D7DA1AD492AFF19
    [ESS] YES
        [CLIENTCHALL] 1234567812345678
        [SERVERCHALL] DEADC0DEDEADC0DE
    [CHALLENGE] DC4B4952DD6066FE
    [NTHASH-SHUCKED] ****************************FFFF
        [HIBP-CANDIDATES] 0
        [HIBP-OCCURENCE] 0
        [PT1] 
        [PT2] 
        [PT3] FFFF
        [K1] 
        [K2] 
        [K3] FFFFC10101010101
    [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
    [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
    [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
    [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
    [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L//8=

1 hashes-challenges analyzed in 0 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

yanncam commented 1 year ago

It's very strange indeed...

Your final output does not show the correct value of PT3. In your case it says FFFF while according to the Net-NTLMv1 and PT3 brute-force it should be D852.

As this PT3 value is wrong in your case, the search performed in the wordlist for all NT-hashes ending with this PT3 value is therefore wrong.

The calculation (via brute-force) of this PT3 value from the Net-NTLMv1 provided is done by the function bruteForcePT3FromCT3(), which itself calls computeCtPartFromDesKeyChall(). This last function uses a call to openssl_encrypt() from the PHP OpenSSL extension.

Are you sure you have the OpenSSL library for PHP installed and enabled? What version of PHP are you using?
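
To show where PT1/PT2/PT3, K1/K2/K3 and the printed tokens come from, here is an added example (my own Python, not code from this thread or from ShuckNT). It dissects the NT-hash and the NT response the way the verbose output above does, expands the three 7-byte DES key inputs to 8-byte keys (DES ignores the low bit of each key byte; forcing it to 1 reproduces the K1/K2/K3 values printed in this thread), enumerates the 65 536 K3 candidates behind the PT3 brute force, and rebuilds the $99$ token printed under [FORMAT-PPTP], whose layout (challenge || CT1 || CT2 || PT3, base64) I recovered by decoding the thread's own value. The NT-hash, NT response and effective challenge are the ones from this thread; the DES encryption itself (openssl_encrypt in the tool) is not in the Python standard library and is left out.

```python
import base64

def split_nt_hash(nt_hash: str):
    """NTLMv1 zero-pads the 16-byte NT-hash to 21 bytes and splits it into three
    DES key inputs: PT1 = bytes 0..6, PT2 = bytes 7..13, PT3 = bytes 14..15 (the
    remaining five key bytes are zero, which is why PT3 is cheap to brute-force)."""
    h = nt_hash.upper()
    return h[0:14], h[14:28], h[28:32]

def split_nt_response(nt_resp: str):
    """The 24-byte NT response is CT1 || CT2 || CT3: the 8-byte challenge
    DES-encrypted under K1, K2 and K3 respectively."""
    r = nt_resp.upper()
    return r[0:16], r[16:32], r[32:48]

def expand_des_key(key7: bytes) -> bytes:
    """Spread 56 key bits over 8 bytes, 7 bits per byte, low bit forced to 1.
    DES ignores the low (parity) bit of each key byte, so this is as valid as real
    odd parity, and it reproduces the K1/K2/K3 values printed in this thread."""
    n = int.from_bytes(key7, "big")
    return bytes((((n >> (49 - 7 * i)) & 0x7F) << 1) | 1 for i in range(8))

def des_keys(nt_hash: str):
    """K1, K2, K3 (hex) for an NT-hash, as printed under [K1]/[K2]/[K3]."""
    pt1, pt2, pt3 = split_nt_hash(nt_hash)
    k1 = expand_des_key(bytes.fromhex(pt1))
    k2 = expand_des_key(bytes.fromhex(pt2))
    k3 = expand_des_key(bytes.fromhex(pt3) + b"\x00" * 5)
    return k1.hex().upper(), k2.hex().upper(), k3.hex().upper()

def pt3_keyspace():
    """Every K3 the PT3 brute force has to try: 65 536 keys. The brute force the
    thread attributes to bruteForcePT3FromCT3() / computeCtPartFromDesKeyChall()
    DES-ECB-encrypts the 8-byte challenge under each candidate key and keeps the
    one whose output equals CT3. DES is not in Python's standard library, so only
    the (PT3, K3) candidates are generated here."""
    for v in range(0x10000):
        yield f"{v:04X}", expand_des_key(v.to_bytes(2, "big") + b"\x00" * 5)

def known_pt3_token(challenge: str, nt_resp: str, pt3: str) -> str:
    """The $99$ token printed under [FORMAT-PPTP]. Layout recovered by decoding the
    value in this thread: base64(challenge || CT1 || CT2 || PT3). With PT3 known,
    a DES cracker only has to recover the two 56-bit keys K1 and K2."""
    ct1, ct2, _ = split_nt_response(nt_resp)
    raw = bytes.fromhex(challenge + ct1 + ct2 + pt3)
    return "$99$" + base64.b64encode(raw).decode("ascii")

if __name__ == "__main__":
    NT_HASH = "A4F49C406510BDCAB6824EE7C30FD852"  # NT-hash of "Password", from the thread
    NT_RESP = "86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19"
    CHALLENGE = "DC4B4952DD6066FE"  # effective (ESS) challenge as printed by the tool
    print(split_nt_hash(NT_HASH), split_nt_response(NT_RESP))
    print(des_keys(NT_HASH))
    print(known_pt3_token(CHALLENGE, NT_RESP, split_nt_hash(NT_HASH)[2]))
```

A wrong PT3, as in the failing runs above (FFFF instead of D852), propagates into K3 (FFFFC10101010101), into the wordlist lookup (the search asks for NT-hashes ending in FFFF) and into the $99$ token, whose last bytes become FFFF; the token is otherwise identical, which is why the two outputs differ only in their tail.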

yanncam commented 1 year ago

I have made some more tests with PHP 7 and 8, under Linux (Debian/Ubuntu) and Windows, and I observed some weird behaviour depending on the OS used...

Try yourself :

Case when you delimit the input hash from stdin with a single quote ' (on Windows): FAIL

$ php shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678'
        [USERNAME] 'user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678'
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] D41D8CD98F00B204
        [NTHASH-SHUCKED] ****************************FFFF
                [HIBP-CANDIDATES] 0
                [HIBP-OCCURENCE] 0
                [PT1]
                [PT2]
                [PT3] FFFF
                [K1]
                [K2]
                [K3] FFFFC10101010101
        [CRACK.SH-TOKEN] $NETLM$D41D8CD98F00B204$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] 'user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:D41D8CD98F00B204
        [FORMAT-MSCHAPV2] $MSCHAPv2$D41D8CD98F00B204$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$D41D8CD98F00B204$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$1B2M2Y8AsgSG7MJw3ICCp6yZoCNH2v0L//8=

1 hashes-challenges analyzed in 0 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

Case when you delimit the input hash from stdin with a single quote ' (on Linux-Debian-Ubuntu): OK

$ php shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
        [USERNAME] user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] DC4B4952DD6066FE
        [NTHASH-SHUCKED] A4F49C406510BDCAB6824EE7C30FD852
                [HIBP-CANDIDATES] 1
                [HIBP-OCCURENCE] 1
                [PT1] A4F49C406510BD
                [PT2] CAB6824EE7C30F
                [PT3] D852
                [K1] A57B27890729437B
                [K2] CB5BA149EF3F0D1F
                [K3] D929810101010101
        [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
        [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L2FI=

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

Case when you delimit the input hash from stdin with a double quote " (on Windows): OK

$ php shucknt.php -i "user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678" -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
        [USERNAME] user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] DC4B4952DD6066FE
        [NTHASH-SHUCKED] A4F49C406510BDCAB6824EE7C30FD852
                [HIBP-CANDIDATES] 1
                [HIBP-OCCURENCE] 1
                [PT1] A4F49C406510BD
                [PT2] CAB6824EE7C30F
                [PT3] D852
                [K1] A57B27890729437B
                [K2] CB5BA149EF3F0D1F
                [K3] D929810101010101
        [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
        [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L2FI=

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

Case when you delimit the input hash from stdin with double quotes " (on Linux-Debian-Ubuntu): OK (but be careful that a $ symbol in the input hash is not interpreted by the bash console)

$ php shucknt.php -i "user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678" -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
        [USERNAME] user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] DC4B4952DD6066FE
        [NTHASH-SHUCKED] A4F49C406510BDCAB6824EE7C30FD852
                [HIBP-CANDIDATES] 1
                [HIBP-OCCURENCE] 1
                [PT1] A4F49C406510BD
                [PT2] CAB6824EE7C30F
                [PT3] D852
                [K1] A57B27890729437B
                [K2] CB5BA149EF3F0D1F
                [K3] D929810101010101
        [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
        [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L2FI=

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

Case when you don't delimit the input hash from stdin (on Windows): OK

$ php shucknt.php -i user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678 -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
        [USERNAME] user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] DC4B4952DD6066FE
        [NTHASH-SHUCKED] A4F49C406510BDCAB6824EE7C30FD852
                [HIBP-CANDIDATES] 1
                [HIBP-OCCURENCE] 1
                [PT1] A4F49C406510BD
                [PT2] CAB6824EE7C30F
                [PT3] D852
                [K1] A57B27890729437B
                [K2] CB5BA149EF3F0D1F
                [K3] D929810101010101
        [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
        [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L2FI=

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

Case when you don't delimit the input hash from stdin (on Linux-Debian-Ubuntu): OK (but be careful of the $ sign)

$ php shucknt.php -i user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678 -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 1 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
        [USERNAME] user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] DC4B4952DD6066FE
        [NTHASH-SHUCKED] A4F49C406510BDCAB6824EE7C30FD852
                [HIBP-CANDIDATES] 1
                [HIBP-OCCURENCE] 1
                [PT1] A4F49C406510BD
                [PT2] CAB6824EE7C30F
                [PT3] D852
                [K1] A57B27890729437B
                [K2] CB5BA149EF3F0D1F
                [K3] D929810101010101
        [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
        [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L2FI=

1 hashes-challenges analyzed in 1 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

Safest method to use ShuckNT with inputs

Finally, the safest method, whatever the running OS, is to put the Net-NTLMv1 token as input in a file, and to use the tool with -f rather than -i:

$ cat input.txt
user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
$ php shucknt.php -f input.txt -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
        [USERNAME] user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] DC4B4952DD6066FE
        [NTHASH-SHUCKED] A4F49C406510BDCAB6824EE7C30FD852
                [HIBP-CANDIDATES] 1
                [HIBP-OCCURENCE] 1
                [PT1] A4F49C406510BD
                [PT2] CAB6824EE7C30F
                [PT3] D852
                [K1] A57B27890729437B
                [K2] CB5BA149EF3F0D1F
                [K3] D929810101010101
        [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
        [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L2FI=

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

Can you check on your side? :)

IcyCommand commented 1 year ago

It does look to be using the latest PHP with OpenSSL enabled. I've tested again on a new VM (fresh Kali image) and it works. Really not sure what's causing it on the Ubuntu. I will test this on a fresh Ubuntu VM as this may be some environmental setting I have changed previously.

user1@ubuntu-01:/var/www/html$ echo '<?php phpinfo(); ?>' | php 2>&1 |grep -i ssl
Registered Stream Socket Transports => tcp, udp, unix, udg, ssl, tls, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3
openssl
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 3.0.2 15 Mar 2022
OpenSSL Header Version => OpenSSL 3.0.2 15 Mar 2022
Openssl default config => /usr/lib/ssl/openssl.cnf
openssl.cafile => no value => no value
openssl.capath => no value => no value
Native OpenSSL support => enabled
OpenSSL => Stig Venaas, Wez Furlong, Sascha Kettler, Scott MacVicar, Eliot Lear
user1@ubuntu-01:/var/www/html$ php --version
PHP 8.1.2-1ubuntu2.14 (cli) (built: Aug 18 2023 11:41:11) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.2, Copyright (c) Zend Technologies
    with Zend OPcache v8.1.2-1ubuntu2.14, Copyright (c), by Zend Technologies

I've tried with the file option but it seems to still be showing the FFFF value for PT3

user1@ubuntu-01:/var/www/html$ php shucknt.php -f challenge.txt -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
    [USERNAME] user
    [DOMAIN] domain.tld
    [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
    [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [CT1] 86ECC270DC8082A7
        [CT2] AC99A02347DAFD0B
        [CT3] 1D7DA1AD492AFF19
    [ESS] YES
        [CLIENTCHALL] 1234567812345678
        [SERVERCHALL] DEADC0DEDEADC0DE
    [CHALLENGE] DC4B4952DD6066FE
    [NTHASH-SHUCKED] ****************************FFFF
        [HIBP-CANDIDATES] 0
        [HIBP-OCCURENCE] 0
        [PT1] 
        [PT2] 
        [PT3] FFFF
        [K1] 
        [K2] 
        [K3] FFFFC10101010101
    [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
    [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
    [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
    [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
    [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L//8=

1 hashes-challenges analyzed in 0 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

user1@ubuntu-01:/var/www/html$ cat challenge.txt
user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678

yanncam commented 1 year ago

It's really weird... Thank you for your additional tests, and glad to know that it works on Kali for you. Please keep me informed if you test with another fresh Ubuntu. Sincerely,

yanncam commented 1 year ago

I have just committed a little fix for Windows behaviour when the token is passed as a command-line argument delimited with a single quote '.

Before:

$ php.exe shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 1 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678'
        [USERNAME] 'user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678'
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] D41D8CD98F00B204
        [NTHASH-SHUCKED] ****************************FFFF
                [HIBP-CANDIDATES] 0
                [HIBP-OCCURENCE] 0
                [PT1]
                [PT2]
                [PT3] FFFF
                [K1]
                [K2]
                [K3] FFFFC10101010101
        [CRACK.SH-TOKEN] $NETLM$D41D8CD98F00B204$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] 'user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:D41D8CD98F00B204
        [FORMAT-MSCHAPV2] $MSCHAPv2$D41D8CD98F00B204$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$D41D8CD98F00B204$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$1B2M2Y8AsgSG7MJw3ICCp6yZoCNH2v0L//8=

1 hashes-challenges analyzed in 1 seconds, with 0 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

As we can see, the ending ' of the -i argument is embedded into the [CLIENTCHALL] 1234567812345678', so the shucking process doesn't work.

Now, with commit https://github.com/yanncam/ShuckNT/commit/b1ee7be4db27371a4907a3b65ee285198cc4af23:

$ php.exe shucknt.php -i 'user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678' -w wordlist.txt-reversed-sorted.bin -v -j

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.

[INPUT] user::domain.tld:DEADC0DEDEADC0DE00000000000000000000000000000000:86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:1234567812345678
        [USERNAME] user
        [DOMAIN] domain.tld
        [LMRESP] DEADC0DEDEADC0DE00000000000000000000000000000000
        [NTRESP] 86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
                [CT1] 86ECC270DC8082A7
                [CT2] AC99A02347DAFD0B
                [CT3] 1D7DA1AD492AFF19
        [ESS] YES
                [CLIENTCHALL] 1234567812345678
                [SERVERCHALL] DEADC0DEDEADC0DE
        [CHALLENGE] DC4B4952DD6066FE
        [NTHASH-SHUCKED] A4F49C406510BDCAB6824EE7C30FD852
                [HIBP-CANDIDATES] 1
                [HIBP-OCCURENCE] 1
                [PT1] A4F49C406510BD
                [PT2] CAB6824EE7C30F
                [PT3] D852
                [K1] A57B27890729437B
                [K2] CB5BA149EF3F0D1F
                [K3] D929810101010101
        [CRACK.SH-TOKEN] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19 ($20-$200)
        [FORMAT-NETNTLMV1-NO-ESS] user::domain.tld::86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:DC4B4952DD6066FE
        [FORMAT-MSCHAPV2] $MSCHAPv2$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19$
        [FORMAT-NET(NT)LM] $NETLM$DC4B4952DD6066FE$86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19
        [FORMAT-PPTP] $99$3EtJUt1gZv6G7MJw3ICCp6yZoCNH2v0L2FI=

1 hashes-challenges analyzed in 0 seconds, with 1 NT-Hash instantly broken for pass-the-hash and 0 that can be broken via crack.sh for free.
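
As an added example (not ShuckNT's own code), the dissection shown in these runs written out in Python: it splits a token into the fields the verbose output labels, rejects any field that is not clean hex of the expected length (the stray shell quote lands in CLIENTCHALL exactly as the "Before" run shows), recomputes the ESS challenge as MD5(SERVERCHALL || CLIENTCHALL)[:8] as MS-NLMP defines it, and expands the three NT-hash slices PT1..PT3 into the DES keys K1..K3. The field names and the sample token are taken from the runs quoted in this thread; the key-expansion convention (low parity bit of every key byte set to 1) is inferred from the K values printed above, and DES ignores parity bits, so an odd-parity key encrypts identically. One diagnostic worth knowing: the [CHALLENGE] D41D8CD98F00B204 of the broken run is the first 8 bytes of MD5 of empty input, which is the signature of both challenge halves failing to parse.

```python
import hashlib
import re

# Sample Net-NTLMv1-ESS token line, constructed to match the fields exercised in
# this thread: user::domain:LMRESP:NTRESP:CLIENTCHALL, with the 8-byte server
# challenge carried in the first 16 hex chars of LMRESP (the page's labelling).
GOOD_TOKEN = ("user::domain.tld:"
              "DEADC0DEDEADC0DE00000000000000000000000000000000:"
              "86ECC270DC8082A7AC99A02347DAFD0B1D7DA1AD492AFF19:"
              "1234567812345678")
# The same token wrapped in single quotes, which a Windows shell hands to PHP
# verbatim (constructed reproduction of the "Before" case above).
BAD_TOKEN = "'" + GOOD_TOKEN + "'"

HEX_RE = re.compile(r"^[0-9A-Fa-f]*$")
# First 8 bytes of MD5 over zero bytes: a [CHALLENGE] equal to this means both
# challenge halves were empty when hashed, i.e. the token did not parse.
EMPTY_INPUT_CHALLENGE = "D41D8CD98F00B204"


def dissect(token):
    """Split a token into its fields, checking each hex field's alphabet and length.

    A stray quote or other non-hex byte surfaces here as a ValueError naming
    the field, instead of silently producing an unusable challenge.
    """
    parts = token.split(":")
    if len(parts) != 6:
        raise ValueError("expected user::domain:lmresp:ntresp:chall, got %d fields" % len(parts))
    user, _, domain, lmresp, ntresp, clientchall = parts
    for name, value, length in (("LMRESP", lmresp, 48),
                                ("NTRESP", ntresp, 48),
                                ("CLIENTCHALL", clientchall, 16)):
        if len(value) != length or not HEX_RE.match(value):
            raise ValueError("%s is not %d hex chars: %r" % (name, length, value))
    if user != user.strip("'\""):
        raise ValueError("USERNAME carries a quote character: %r" % user)
    return {
        "USERNAME": user,
        "DOMAIN": domain,
        "CT": [ntresp[i:i + 16].upper() for i in (0, 16, 32)],  # three DES blocks
        "SERVERCHALL": lmresp[:16].upper(),
        "CLIENTCHALL": clientchall.upper(),
    }


def validate(token):
    """Return None when the token dissects cleanly, else the error message."""
    try:
        dissect(token)
        return None
    except ValueError as exc:
        return str(exc)


def ess_challenge(server_hex, client_hex):
    """Effective 8-byte challenge under ESS: MD5(server || client)[:8] (MS-NLMP)."""
    data = bytes.fromhex(server_hex) + bytes.fromhex(client_hex)
    return hashlib.md5(data).digest()[:8].hex().upper()


def split_nt_hash(nt_hex):
    """The 16-byte NT hash becomes the DES key inputs PT1 (7 B), PT2 (7 B), PT3 (2 B)."""
    return nt_hex[0:14].upper(), nt_hex[14:28].upper(), nt_hex[28:32].upper()


def expand_des_key(pt_hex):
    """Turn up to 7 key bytes (zero-padded) into the 8-byte DES key shown as [K1]..[K3].

    Each 7-bit slice becomes one byte with its low (parity) bit set to 1, the
    convention the K values in this thread follow (inferred from them).
    """
    bits = int.from_bytes(bytes.fromhex(pt_hex).ljust(7, b"\x00"), "big")
    key = bytearray((((bits >> (49 - 7 * i)) & 0x7F) << 1) | 1 for i in range(8))
    return key.hex().upper()


if __name__ == "__main__":
    for token in (GOOD_TOKEN, BAD_TOKEN):
        err = validate(token)
        if err:
            print("rejected:", err)
            continue
        fields = dissect(token)
        chall = ess_challenge(fields["SERVERCHALL"], fields["CLIENTCHALL"])
        flag = " (parse failure: MD5 of empty input)" if chall == EMPTY_INPUT_CHALLENGE else ""
        print("challenge:", chall + flag)
    nt = "A4F49C406510BDCAB6824EE7C30FD852"  # NT hash of "Password", as shucked above
    for n, pt in enumerate(split_nt_hash(nt), 1):
        print("PT%d %-14s -> K%d %s" % (n, pt, n, expand_des_key(pt)))
```

Running it on GOOD_TOKEN yields the field split and a computed challenge; on BAD_TOKEN it stops at the CLIENTCHALL check with the 17-character value quoted in the error, which is the check the commit above adds in spirit: validate the hex fields before anything is hashed. The K lines reproduce A57B27890729437B, CB5BA149EF3F0D1F and D929810101010101 from the PT slices, and expand_des_key("FFFF") gives the FFFFC10101010101 seen whenever no HIBP candidate matched.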

IcyCommand commented 1 year ago

This works on a fresh install of Ubuntu

yanncam commented 1 year ago

Perfect! Glad to hear it! :)