Skip to content

Latest commit

 

History

History
73 lines (53 loc) · 1.79 KB

README.md

File metadata and controls

73 lines (53 loc) · 1.79 KB

NTLMCrack

Use ntlm.pw (by @lkarlslund) to automatically convert hash dumps to credentials

Features

  • Lookup cracked NTLM hashes straight from hashdump (hashcat format)
  • Split cracked hashes into 2 separate files with -s
  • Filter uncracked hashes with -f
  • Import hashes directly from NetExec nxcdb with -X

Demo

Should I Use This?

If this is a lab environment without any sensitive passwords, then sure.

Otherwise, read here

Usage

usage: NTLMCrack [-h] [-X [workspace]] [-s] [-n N] [-f] [file_path]

Use ntlm.pw to automatically convert hash dumps to credentials

positional arguments:
  file_path             Path to the file containing hash dumps

options:
  -h, --help            show this help message and exit
  -X [workspace], --nxc [workspace]
                        Dump hashes from netexec. Will use currently selected workspace by default
  -s, --separate-files  Output credentials in separate files
  -n N                  Limit to the first n lines of the file
  -f, --filter-not-found
                        Filter hashes that can't be cracked

Installation

  • With pipx:
pipx install git+https://github.com/Adamkadaban/NTLMCrack

Examples

Output to one file:

NTLMCrack example_hashes/hashes -n 100

Output to separate files:

NTLMCrack example_hashes/hashes -n 100 -s

Filter hashes that can't be cracked:

NTLMCrack example_hashes/hashes -f

Import hashes from current NetExec workspace:

NTLMCrack -X

Import hashes from specified NetExec workspace:

NTLMCrack -X GOAD