03-13-2023, 04:12 PM
(12-19-2022, 06:57 PM)Chick3nman Wrote: It's not currently released, apologies. I try to only release things in a relatively polished state so I've got quite the backlog of half finished stuff. This is also a little further complicated by the ESS/SSP hashes that do not contain a valid LM challenge response. I've not yet decided how to handle those hashes and if I should trust the user to know better or if I should try and parse the hash to reject them in the module parser.
Hi!
If there is no vaild response, it may simply indicate a wrong password. If think we can filter it out, as with the NTLM version. Even John can not tell, and try to attack such hash with no success. Hope that helps a bit. Tell me if I can help you with testing!