Monday, October 8, 2012

Generate NTLM hashes via command line

Turns out the NTLM hashing algo is super simple. It just takes the string you give it, converts it to UTF-16LE and then outputs the md4 of that. You can generate your own fairly simply at the command line:

iconv -f ASCII -t UTF-16LE <(printf "lolwut") | openssl dgst -md4
What this does is use a fairly popular unix utility "iconv". -f is the "from" encoding, which is this case is just simple ASCII and sets to "to" encoding using -t. It reads in the string using printf and pipes that to openssl for the digest. the result is the NT hash of the string (or password if you want to look at it like that) "lolwut"

$iconv -f ASCII -t UTF-16LE <(printf "lolwut") | openssl dgst -md4
dcc1ed89d1d080ef47dccf3e59a50d45
create a function and place it in .bashrc:
ntlm_hash () {
iconv -f ASCII -t UTF-16LE <(printf "$1") | openssl dgst -md4
}
now just type "ntlm_hash lolwut" to get the same result.

No comments:

Post a Comment