NTLMHash -> LM Hash & NTLMHash #53
Comments
|
lm_hash_present? will return false if the password is blank, but in that case there's no way to actually be sure whether the system stored lm hashes or not so it really doesn't matter. For the case where we only use one part of the has or the other, it would still be very easy to split the data so we only get thee part we want, so I don't think this is a big deal. Historically we have always stored the entire thing. It would also be much more complicated to store them seperately and re-associate them later. |
|
Can you create the item if you only have one without the other etc without having to manually append a blank LM hash in the code etc? |
|
no, the validations check to see that both are there. that is how we validate it as a valid NTLM hash. It must have both the LM and the NT hash present. |
|
If you have only the NT hash, it's simple to just prepend a blank LM. |
|
But messy :p |
|
um alot less messy than storing them seperately and trying to associate between them. This is the way we have always stored NTLM hashes, as a complete set. |
|
Well without a separate object etc you could expose a helper method |
Just pondering if NTLM hash should be split into its component parts. For example RDP PTH with XFreeRDP accepts only the NTLM hash. Not sure if I can think of any captures where you don't get a blank LM hash but I expect it may occur at some point. Or just a way to grab them out from the object to pass neatly to other things without having to split them etc.
Comments suggest that it is used only for SMB but that's not accurate ;)
lm_hash_present? logic is wrong if the entire password is blank?
Note: I have only looked at the model and don't really know how this all works at the moment
The text was updated successfully, but these errors were encountered: