Cracking HALFLM

Cатсн²² (in)sесuяitу / ChrisJohnRiley

I was recently reading through Chris Gates post on capturing and cracking HALFLM hashes with Metasploit and thought I’d give it a quick run through. (I won’t be rehashing what Chris already covered here, so I suggest you pop over to his blog for a quick coverage of HALFLM and the rainbowtable cracking method).

Until I read the post I’d been using the SMB_relay attack to load up a meterpreter shell onto the remote target, but seeing as Microsoft have finally decided this is a bug worth patching, it’s time to move on to other attack vectors. SMB_relay will still be a good attack vector for some attacks, but the patch against reflective relays means it’s not going to always be available.

msfAll was going well with the walkthrough, I’d captured the hash from the target machine and had the HALFLM tables downloaded (halflmchall _alphanumeric #1-7_x_2400_ 1122334455667788). So…

View original post 307 more words

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s