hlmcrack.sh

1. #!/bin/bash
2.  
3. #Built for Kali
4. #
5. # This tool will use rcrack to perform the full cracking process of a Half LM Hash.
6. #
7. #
8. # Usage: ./hlmcrack.sh hlmhashes.txt
9. #  
10. # By: Leon Teale (RandomStorm)
11. #
12.  
13. #Set path to your half lm tables
14. hlmtable=/root/Desktop/wordlists/Rainbow_Tables/Halflmchall/
15.  
16.  
17.  
18. #Check usage
19. if [ -z "$1" ];
20. then
21. echo "Usage: ./hlmcrack.sh john_netntlm.txt"
22.  
23. else
24.  
25. for line in `cat $1 | sort -u`; do
26.  
27. echo "$line" > /tmp/newhash.txt
28. hash="$line"
29. username="`echo $line | cut -d : -f 1`"
30. seedhash="`echo $line | cut -d : -f 4 | sed 's/\(.\{16\}\).*/\1/'`"
31.  
32. #Get the seed (the first 16 digits of the hash)
33. /usr/bin/rcracki_mt -h $seedhash $hlmtable > /tmp/seed.tmp
34.  
35. seed=`cat /tmp/seed.tmp | grep "plaintext of" | awk {'print ($NF)'}`
36.  
37. #Crack the remaining hash
38. perl /usr/share/metasploit-framework/data/john/run.linux.x64.mmx/netntlm.pl --seed $seed --file /tmp/newhash.txt 1> /dev/null
39. perl /usr/share/metasploit-framework/data/john/run.linux.x64.mmx/netntlm.pl --file /tmp/newhash.txt | grep "($username)" 2> /dev/null >> /tmp/hlmcrack.txt
40.  
41. done
42. fi
43.  
44. #Printed Output
45. clear
46. echo "#################################################################################"
47. echo "Half LM cracked:  cracked `cat /tmp/hlmcrack.txt | wc -l`\\`cat $1 | wc -l`"
48. echo ""
49. cat /tmp/hlmcrack.txt
50. echo ""
51. echo "#################################################################################"
52. rm /tmp/hlmcrack.txt
53. rm /tmp/newhash.txt
54. rm /tmp/seed.tmp