Get system info from NTLM
Project description
ntlm-info
Get system information from NTLM supported endpoints.
Supported protocols:
- HTTP[S]
- SMB 1,2,3
Setup
Installation:
git clone https://gitlab.com/Zer1t0/ntlm-info
cd ntlm-info
python3 setup.py install
Examples
Usage:
ntlm-info -h
Use it with subfinder and httprobe to find internal domains:
$ subfinder -d contoso.com | httprobe | ntlm-info
Url: https://adminit.contoso.com
Target (Domain): ITCONTOSO
OS Version: 10.0.14393
OS Name: Server 2016 | Server 2019 | Windows 10
MsvAvNbComputerName: IT-01
MsvAvNbDomainName: ITCONTOSO
MsvAvDnsComputerName: it-01.it.contoso.com
MsvAvDnsDomainName: it.contoso.com
MsvAvDnsTreeName: it.contoso.com
MsvAvTimestamp: Sep 03, 2020 09:10:47.698890
Negotiate Flags: 0x2898205
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_TARGET_TYPE_DOMAIN
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
NTLMSSP_NEGOTIATE_TARGET_INFO
NTLMSSP_NEGOTIATE_VERSION
Server challenge: da2f377fae4e8ba0
Url: https://test.contoso.com
Target (Domain): EMPCONTOSO
OS Version: 10.0.14393
OS Name: Server 2016 | Server 2019 | Windows 10
MsvAvNbComputerName: TEST
MsvAvNbDomainName: EMPCONTOSO
MsvAvDnsComputerName: test.employees.contoso.com
MsvAvDnsDomainName: employees.contoso.com
MsvAvDnsTreeName: employees.contoso.com
MsvAvTimestamp: Sep 03, 2020 09:10:47.698890
Negotiate Flags: 0x2898205
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_TARGET_TYPE_DOMAIN
NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
NTLMSSP_NEGOTIATE_TARGET_INFO
NTLMSSP_NEGOTIATE_VERSION
Server challenge: 3d66a70eb2f14e93
Acknowledgment
@b17zr for ntlm_challenger.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
ntlm-info-0.0.1.tar.gz
(7.7 kB
view hashes)
Built Distributions
ntlm_info-0.0.1-py3.7.egg
(18.5 kB
view hashes)
ntlm_info-0.0.1-py3-none-any.whl
(21.2 kB
view hashes)
Close
Hashes for ntlm_info-0.0.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9ee24275c3f461b4c6fb38b0de918094038f41844cfa5aabd30d8c44eaceb3c6 |
|
MD5 | 5b628f2f8e6e62304fec93ba3fa3ce4c |
|
BLAKE2b-256 | 0208dfc57a75bf6e9bd167d80efb10c203c511b85eb797b32c56c02c9c06278b |