mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-24 21:53:54 +00:00
Update README.md
The crack.sh service is unavailable, add ntlmv1.com.
This commit is contained in:
parent
e66f7e1e37
commit
30e53b4a87
1 changed files with 1 additions and 1 deletions
|
@ -95,7 +95,7 @@ You could abuse some credentials/sessions you already have on the AD to **ask th
|
|||
If you are using `responder` you could try to \*\*use the flag `--lm` \*\* to try to **downgrade** the **authentication**.\
|
||||
_Note that for this technique the authentication must be performed using NTLMv1 (NTLMv2 is not valid)._
|
||||
|
||||
Remember that the printer will use the computer account during the authentication, and computer accounts use **long and random passwords** that you **probably won't be able to crack** using common **dictionaries**. But the **NTLMv1** authentication **uses DES** ([more info here](./#ntlmv1-challenge)), so using some services specially dedicated to cracking DES you will be able to crack it (you could use [https://crack.sh/](https://crack.sh) for example).
|
||||
Remember that the printer will use the computer account during the authentication, and computer accounts use **long and random passwords** that you **probably won't be able to crack** using common **dictionaries**. But the **NTLMv1** authentication **uses DES** ([more info here](./#ntlmv1-challenge)), so using some services specially dedicated to cracking DES you will be able to crack it (you could use [https://crack.sh/](https://crack.sh) or [https://ntlmv1.com/](https://ntlmv1.com) for example).
|
||||
|
||||
### NTLMv1 attack with hashcat
|
||||
|
||||
|
|
Loading…
Reference in a new issue