From 30e53b4a87501e0a495a0e0f9e1c19cd3041d136 Mon Sep 17 00:00:00 2001 From: Fplyth0ner <30000539+Fplyth0ner-Combie@users.noreply.github.com> Date: Thu, 6 Jun 2024 00:17:13 +0800 Subject: [PATCH] Update README.md The crack.sh service is unavailable, add ntlmv1.com. --- windows-hardening/ntlm/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows-hardening/ntlm/README.md b/windows-hardening/ntlm/README.md index bcd646980..4514a9e9e 100644 --- a/windows-hardening/ntlm/README.md +++ b/windows-hardening/ntlm/README.md @@ -95,7 +95,7 @@ You could abuse some credentials/sessions you already have on the AD to **ask th If you are using `responder` you could try to \*\*use the flag `--lm` \*\* to try to **downgrade** the **authentication**.\ _Note that for this technique the authentication must be performed using NTLMv1 (NTLMv2 is not valid)._ -Remember that the printer will use the computer account during the authentication, and computer accounts use **long and random passwords** that you **probably won't be able to crack** using common **dictionaries**. But the **NTLMv1** authentication **uses DES** ([more info here](./#ntlmv1-challenge)), so using some services specially dedicated to cracking DES you will be able to crack it (you could use [https://crack.sh/](https://crack.sh) for example). +Remember that the printer will use the computer account during the authentication, and computer accounts use **long and random passwords** that you **probably won't be able to crack** using common **dictionaries**. But the **NTLMv1** authentication **uses DES** ([more info here](./#ntlmv1-challenge)), so using some services specially dedicated to cracking DES you will be able to crack it (you could use [https://crack.sh/](https://crack.sh) or [https://ntlmv1.com/](https://ntlmv1.com) for example). ### NTLMv1 attack with hashcat
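Review bot: The added line in the `@@ -95,7 +95,7 @@` hunk still lists crack.sh as the first option ("you could use [https://crack.sh/](https://crack.sh) or [https://ntlmv1.com/](https://ntlmv1.com) for example"), while the commit message says the crack.sh service is unavailable. Either drop the crack.sh link or state in the sentence that it is currently unavailable, so the README and the commit message agree and readers are not pointed at a dead service. Two smaller points in the same hunk: the link text and the link target differ by a trailing slash in both links (`https://ntlmv1.com/` vs `https://ntlmv1.com`), which is worth making consistent, and the unchanged context line above has escaped asterisks around "use the flag `--lm`" (`\*\*use the flag ... \*\*`), so the bold does not render; that could be fixed while this paragraph is being edited.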