NTLMv2 Encryption Libraries

So I’m getting into password cracking with hashcat because of a project at work.

Our new cyber security guy has pointed out how easy it is to get NTLMv2 hashes with current network/AD settings and I want to see how good my default password scheme that I send out to end users is.

So I wanted to generate some default passwords and encrypt them with NTLMv2 and try to crack them with hashcat and my rig of GPUs.

Problem stands that I can’t find a Python library that's just plug and play for a

    for(string in list y):
        NTLMv2.encrypt(string)

nor can I find enough info about how an NTLMv2 hash is created to figure it out.

I’m certain I’ve dived straight into the deep end on this subject, but I really want to practice this a few times with a few ruleset changes and dictionary changes. I know hashcat offers test ones, but they only have one hash each and it's just “hashcat”. I wanna see what my hodgepodge of 60-class GPUs can do lol.

I’d prefer options in python or c++ but I’m willing to learn another language. Thanks!

I hope you trust the results of this investigation: whatever your schema for input, the NTLMv2 hash is weak (plus it can be attacked in other ways) and your security guy can find other data that hashes to match the hashes of your strong passwords. It’s AD and Net-NTLMv2 at fault; your process for creating passwords likely has great entropy.

Resource-wise, I found: This page discusses other attacks on the infra that uses NTLMv2. This page has pseudocode for generating LM, NTLMv1 and Net-NTLMv2 hashes. This is a Python library for creating hashes for the challenge-response; you can probably use it directly.

K3n.
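
For readers who want to audit their own default-password scheme in a lab, the following added example (not from either post and not the library linked above) computes the Net-NTLMv2 response as MS-NLMP defines it and prints one line per password in the `user::domain:challenge:proof:blob` layout that hashcat mode 5600 reads. The account name `labuser`, the domain `LABDOMAIN`, the sample passwords and the minimal blob are constructed assumptions; MD4 is written out in pure Python because `hashlib` often lacks it on OpenSSL 3 builds.

```python
import hashlib, hmac, os, struct

def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320), needed for the NT hash."""
    n = len(data)
    data += b"\x80" + b"\x00" * ((55 - n) % 64) + struct.pack("<Q", n * 8)
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    order2 = [0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15]
    order3 = [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15]
    rounds = [  # (round function, word order, shift amounts, additive constant)
        (lambda b, c, d: (b & c) | (~b & d), range(16), (3, 7, 11, 19), 0),
        (lambda b, c, d: (b & c) | (b & d) | (c & d), order2, (3, 5, 9, 13), 0x5A827999),
        (lambda b, c, d: b ^ c ^ d, order3, (3, 9, 11, 15), 0x6ED9EBA1),
    ]
    for off in range(0, len(data), 64):
        x = struct.unpack("<16I", data[off:off + 64])
        a, b, c, d = state
        for f, order, shifts, const in rounds:
            for i, k in enumerate(order):
                t = (a + f(b, c, d) + x[k] + const) & 0xFFFFFFFF
                s = shifts[i % 4]
                a, b, c, d = d, ((t << s) | (t >> (32 - s))) & 0xFFFFFFFF, b, c
        state = [(v + w) & 0xFFFFFFFF for v, w in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state)

def ntowf_v2(password: str, user: str, domain: str) -> bytes:
    """NTLMv2 key: HMAC-MD5 keyed with the NT hash over UPPER(user) + domain."""
    nt_hash = md4(password.encode("utf-16-le"))
    ident = (user.upper() + domain).encode("utf-16-le")
    return hmac.new(nt_hash, ident, hashlib.md5).digest()

def netntlmv2_line(password, user, domain, server_chal=None, client_chal=None):
    """Build one user::domain:challenge:proof:blob line for a lab password."""
    server_chal = server_chal or os.urandom(8)
    client_chal = client_chal or os.urandom(8)
    # Constructed minimal blob: version, reserved, zero timestamp,
    # client challenge, reserved, empty AV-pair list.
    blob = b"\x01\x01" + bytes(6) + bytes(8) + client_chal + bytes(4) + bytes(4)
    key = ntowf_v2(password, user, domain)
    proof = hmac.new(key, server_chal + blob, hashlib.md5).digest()
    return f"{user}::{domain}:{server_chal.hex()}:{proof.hex()}:{blob.hex()}"

if __name__ == "__main__":
    # Constructed candidates; substitute the output of your own password scheme.
    for pw in ["Welcome2024!", "Spring-Lab-01", "ChangeMe#42"]:
        print(netntlmv2_line(pw, "labuser", "LABDOMAIN"))
```

Because the response is keyed by a fresh server challenge each time, the same password yields a different line on every run; a real capture also carries target-info AV pairs in the blob, which this lab version leaves empty.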