Use ntlm.pw (by @lkarlslund) to automatically convert hash dumps to credentials
- Lookup cracked NTLM hashes straight from hashdump (hashcat format)
- Split cracked hashes into 2 separate files with
-s
- Filter uncracked hashes with
-f
- Import hashes directly from NetExec nxcdb with
-X
If this is a lab environment without any sensitive passwords, then sure.
Otherwise, read here
usage: NTLMCrack [-h] [-X [workspace]] [-s] [-n N] [-f] [file_path]
Use ntlm.pw to automatically convert hash dumps to credentials
positional arguments:
file_path Path to the file containing hash dumps
options:
-h, --help show this help message and exit
-X [workspace], --nxc [workspace]
Dump hashes from netexec. Will use currently selected workspace by default
-s, --separate-files Output credentials in separate files
-n N Limit to the first n lines of the file
-f, --filter-not-found
Filter hashes that can't be cracked
- With pipx:
pipx install git+https://github.com/Adamkadaban/NTLMCrack
Output to one file:
NTLMCrack example_hashes/hashes -n 100
Output to separate files:
NTLMCrack example_hashes/hashes -n 100 -s
Filter hashes that can't be cracked:
NTLMCrack example_hashes/hashes -f
Import hashes from current NetExec workspace:
NTLMCrack -X
Import hashes from specified NetExec workspace:
NTLMCrack -X GOAD