Skip to content

Extracting NetNTLM without touching lsass.exe

Notifications You must be signed in to change notification settings

fengjixuchui/NtlmThief

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 

Repository files navigation

NtlmThief

This is a C++ implementation of the Internal Monologue attack. It allows to get NetNTLM hashes of users using SSPI.

Usage

It's Internal Monologue POC on C++.

# Current User NetNTLM
.\NtlmThief.exe

# With Downgrade
.\NtlmThief.exe -downgrade

# Other user NetNTLM (PID - Process Id of other user)
.\NtlmThief.exe -pid 123

изображение

About

Extracting NetNTLM without touching lsass.exe

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C++ 100.0%