Name		Name	Last commit message	Last commit date
parent directory ..
README.md		README.md
beacon.h		beacon.h
bofcompile.bat		bofcompile.bat
capturenetntlm.c		capturenetntlm.c
capturenetntlm.cna		capturenetntlm.cna
capturenetntlm.h		capturenetntlm.h
capturenetntlm.o		capturenetntlm.o

README.md

CaptureNetNTLM

Capture the NetNTLMv2 hash of the current user. This is done by simulating a NTLM authentication exchange between a client and server to capture the NetNTLMv2 hash.

Usage

capturenetntlm

Compile

1. Make sure Visual Studio is installed and supports C/C++.
2. Open the x64 Native Tools Command Prompt for VS <2019/2022> terminal.
3. Run the bofcompile.bat script to compile the object file.
4. In Cobalt strike, use the script manager to load the .cna script to import the tool.

Credits

The code in this BOF is heaviliy based on the GetNTLMChallenge project from Lee Christensen.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CaptureNetNTLM

CaptureNetNTLM

README.md

CaptureNetNTLM

Usage

Compile

Credits

Files

CaptureNetNTLM

Directory actions

More options

Directory actions

More options

Latest commit

History

CaptureNetNTLM

Folders and files

parent directory

README.md

CaptureNetNTLM

Usage

Compile

Credits