Update README.md

The crack.sh service is unavailable, add ntlmv1.com.
Fplyth0ner 2024-06-06 00:17:13 +08:00 committed by GitHub
parent e66f7e1e37
commit 30e53b4a87
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

@ -95,7 +95,7 @@ You could abuse some credentials/sessions you already have on the AD to **ask th
If you are using `responder` you could try to \*\*use the flag `--lm` \*\* to try to **downgrade** the **authentication**.\ If you are using `responder` you could try to \*\*use the flag `--lm` \*\* to try to **downgrade** the **authentication**.\
_Note that for this technique the authentication must be performed using NTLMv1 (NTLMv2 is not valid)._ _Note that for this technique the authentication must be performed using NTLMv1 (NTLMv2 is not valid)._
Remember that the printer will use the computer account during the authentication, and computer accounts use **long and random passwords** that you **probably won't be able to crack** using common **dictionaries**. But the **NTLMv1** authentication **uses DES** ([more info here](./#ntlmv1-challenge)), so using some services specially dedicated to cracking DES you will be able to crack it (you could use [https://crack.sh/](https://crack.sh) for example). Remember that the printer will use the computer account during the authentication, and computer accounts use **long and random passwords** that you **probably won't be able to crack** using common **dictionaries**. But the **NTLMv1** authentication **uses DES** ([more info here](./#ntlmv1-challenge)), so using some services specially dedicated to cracking DES you will be able to crack it (you could use [https://crack.sh/](https://crack.sh) or [https://ntlmv1.com/](https://ntlmv1.com) for example).
### NTLMv1 attack with hashcat ### NTLMv1 attack with hashcat
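Review bot: the changed line still lists crack.sh first ("you could use [https://crack.sh/](https://crack.sh) or [https://ntlmv1.com/](https://ntlmv1.com) for example"), although the commit message says that service is unavailable. Either drop the crack.sh link or state in the text that it is unavailable, so the paragraph does not point readers at a dead service. Separately, in the unchanged context line at the top of the hunk the escaped asterisks around "use the flag `--lm`" render literally instead of as bold; that could be fixed while this paragraph is being touched.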