Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add NTLM hash support #27

Closed
wneessen opened this issue Feb 9, 2023 · 0 comments · Fixed by #28
Closed

Add NTLM hash support #27

wneessen opened this issue Feb 9, 2023 · 0 comments · Fixed by #28
Assignees
@wneessen

Comments

@wneessen
Copy link
Owner

wneessen commented Feb 9, 2023

HIBP recently introduced NTLM hash support. go-hibp should reflect this.
@wneessen wneessen self-assigned this Feb 9, 2023
wneessen added a commit that referenced this issue Feb 9, 2023
@wneessen
#27: Implement NTLM hash support for PwnedPassAPI
179cd36 
This PR implements support for NTLM hashes as announced by Troy Hunt:
https://s.pebcak.de/@[email protected]/109833758367903768

For this we needed to be able to calculate MD4 hashes, as NTLM basically is calculated like this: `MD4(UTF-16LE(pw))`. For this we ported the official golang.org/x/crypto/md4 package, so we can still claim that "only depends on Go stdlib"

A new Client option has been introduced: `WithPwnedNTLMHash`. If the client is initalized with this option, all generic methods (`ListHashesPassword` and `CheckPassword`) will  operate on NTLM hashes.

Additionally, there are now equivalent methods for checking passwords and listing hashes for NTLM: `CheckNTLM` and `ListHashesNTLM`
@wneessen wneessen mentioned this issue Feb 9, 2023
Merged
@wneessen wneessen linked a pull request Feb 9, 2023 that will close this issue
#27: Implement NTLM hash support for PwnedPassAPI #28
Merged
wneessen added a commit that referenced this issue Feb 9, 2023
@wneessen
Merge pull request #28 from wneessen/27-add-ntlm-hash-support
2e13557 
#27: Implement NTLM hash support for PwnedPassAPI
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@wneessen wneessen

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

#27: Implement NTLM hash support for PwnedPassAPI wneessen/go-hibp
1 participant
@wneessen