fixed ntlm hash function

v2022-12-16.1800; fixed ntlm hash function

Author: cyclone-github

hashgen.go

@@ -8,8 +8,10 @@ import (
     "crypto/sha1"
     "crypto/sha256"
     "crypto/sha512"
+    "encoding/binary"
     "encoding/base64"
     "encoding/hex"
+    "unicode/utf16"
     "flag"
     "fmt"
     "log"
@@ -18,9 +20,11 @@ import (
     "io"
     "strconv"
 )
-// version
+// version history
+// v2022-12-15.2030; initial release
+// v2022-12-16.1800; fixed ntlm hash function
 func versionFunc() {
-    wordlistBase64Decode("Q3ljbG9uZSBoYXNoIGdlbmVyYXRvciB2MjAyMi0xMi0xNS4yMDMwCg==")
+    funcBase64Decode("Q3ljbG9uZSBoYXNoIGdlbmVyYXRvciB2MjAyMi0xMi0xNi4xODAwCg==")
 }
 // help function
 func helpFunc() {
@@ -29,14 +33,14 @@ func helpFunc() {
             "\nExample Usage:"+
             "\n./hashgen -m md5 -w wordlist.txt"+
             "\n./hashgen -m md5 -w wordlist.txt > output.txt\n"+
-            "\nSupported functions:\nbase64decode\nbase64encode\nbcrypt\ncrc32\nmd4\nmd5\nsha1\nsha256\nsha512\n"
+            "\nSupported functions:\nbase64decode\nbase64encode\nbcrypt\ncrc32\nmd4\nmd5\nntlm\nsha1\nsha256\nsha512\n"
     fmt.Println(str)
     os.Exit(0)
 } 
 // main function
 func main() {
-    m := flag.String("m", "algo", "Mode:")
-    w := flag.String("w", "wordlist.txt", "Path to wordlist:")
+    m := flag.String("m", "", "Mode:")
+    w := flag.String("w", "", "Path to wordlist:")
     version := flag.Bool("version", false, "Prints program version:")
     cyclone := flag.Bool("cyclone", false, "")
     help := flag.Bool("help", false, "Prints help:")
@@ -46,20 +50,20 @@ func main() {
         versionFunc()
         os.Exit(0)
     } else if *cyclone == true {
-        wordlistBase64Decode("Q29kZWQgYnkgY3ljbG9uZSA7KQo=")
+        funcBase64Decode("Q29kZWQgYnkgY3ljbG9uZSA7KQo=")
         os.Exit(0)
     } else if *help == true {
         helpFunc()
     }
 // run sanity checks on algo input (m)
     if len(*m) < 3 {
-        fmt.Println("--> -m input not read <--\n")
+        fmt.Println("--> missing '-m algo' <--\n")
         helpFunc()
         os.Exit(0)
     }
 // run sanity checks on wordlist input (w)
-    if len(*w) < 3 {
-        fmt.Println("--> -w input not read <--\n")
+    if len(*w) < 1 {
+        fmt.Println("--> missing '-m wordlist' <--\n")
         helpFunc()
         os.Exit(0)
     } 
@@ -74,30 +78,29 @@ if err != nil {
 }
 defer file.Close()
     scanner := bufio.NewScanner(file)
-// optionally, resize scanner's capacity for lines over 64K, see next example
     for scanner.Scan() {
-        // do stuff with lines scanned
+        // call hash functions for line scanner
         line := scanner.Text()
         if *m == "md5" {
-            wordlistMd5(line)
+            funcMd5(line)
         } else if *m == "md4" {
-            wordlistMd4(line)
+            funcMd4(line)
         } else if *m == "ntlm" {
-            wordlistNtlm(line)
+            funcNtlm(line)
         } else if *m == "sha1" {
-            wordlistSha1(line)
+            funcSha1(line)
         } else if *m == "sha256" {
-            wordlistSha256(line)
+            funcSha256(line)
         } else if *m == "sha512" {
-            wordlistSha512(line)
+            funcSha512(line)
         } else if *m == "crc32" {
-            wordlistCrc32(line)
+            funcCrc32(line)
         } else if *m == "bcrypt" {
-            wordlistBcrypt(line)
+            funcBcrypt(line)
         } else if *m == "base64encode" {
-            wordlistBase64Encode(line)
+            funcBase64Encode(line)
         } else if *m == "base64decode" {
-            wordlistBase64Decode(line)
+            funcBase64Decode(line)
         }
     }
     if err := scanner.Err(); err != nil {
@@ -107,95 +110,78 @@ defer file.Close()
 // hashing functions
 
 // md4 hashing function
-func wordlistMd4(line string) {
+func funcMd4(line string) {
 	hash := md4.New()
 	io.WriteString(hash, line)
 	fmt.Printf("%x\n", hash.Sum(nil))
 }
 // ntlm hashing function
-// go does not have an ntlm hash function
-// we use some hacky logic to convert the 
-// plaintext to UTF16, then call the md4 function
-func wordlistNtlm(line string) {
-	u := ""
-    _ = 0
-	for i, c := range line {
-		u = u + string(c) + "\x00"
-		_ = i
-	}
-    h := md4.New()
-    h.Write([]byte(u))
-    md4 := h.Sum(nil)
-    fmt.Printf("%x\n", md4)
+// code modified from https://github.com/tv42/ntlmv2hash/blob/master/nthash.go
+func funcNtlm(line string) {
+    input := utf16.Encode([]rune(line))
+    hash := md4.New()
+    if err := binary.Write(hash, binary.LittleEndian, input); err != nil {
+        panic(fmt.Errorf("Failed NTLM hashing password: %w", err))
+    }
+    outputHash := hash.Sum(nil)
+    // encode to conventional uppercase hex
+    fmt.Printf("%X\n", outputHash)
 }
 // md5 hashing function
-func wordlistMd5(line string) {
+func funcMd5(line string) {
 	hash := md5.Sum([]byte(line))
-	wordlistHash := hex.EncodeToString(hash[:])
-    fmt.Println(wordlistHash)
+	outputHash := hex.EncodeToString(hash[:])
+    fmt.Println(outputHash)
 }
 // sha1 hashing function
- func wordlistSha1(line string) {
+ func funcSha1(line string) {
 	hash := sha1.Sum([]byte(line))
-	wordlistHash := hex.EncodeToString(hash[:])
-    fmt.Println(wordlistHash)
+	outputHash := hex.EncodeToString(hash[:])
+    fmt.Println(outputHash)
 }
 // sha256 hashing function
-func wordlistSha256(line string) {
+func funcSha256(line string) {
 	hash := sha256.Sum256([]byte(line))
-	wordlistHash := hex.EncodeToString(hash[:])
-    fmt.Println(wordlistHash)
+	outputHash := hex.EncodeToString(hash[:])
+    fmt.Println(outputHash)
 }
 // sha256 hashing function
-func wordlistSha512(line string) {
+func funcSha512(line string) {
     hash := sha512.Sum512([]byte(line))
-    wordlistHash := hex.EncodeToString(hash[:])
-    fmt.Println(wordlistHash)
+    outputHash := hex.EncodeToString(hash[:])
+    fmt.Println(outputHash)
 }
-// bcrypt cost 10 hashing function
-func wordlistBcrypt(line string) {
-    getBcrypt(line)
+// bcrypt cost 10 (DefaultCost) hashing function
+// https://pkg.go.dev/golang.org/x/crypto/bcrypt
+func funcBcrypt(line string) {
+    pwd := []byte(line)
+    hash := hashAndSalt(pwd)
+    fmt.Println(hash)
+}
+func hashAndSalt(pwd []byte) string {
+hash, err := bcrypt.GenerateFromPassword(pwd, bcrypt.DefaultCost )
+if err != nil {
+    log.Println(err)
+}
+return string(hash)
 }
 // crc32 hashing function
-func wordlistCrc32(line string) {
+func funcCrc32(line string) {
     hash := crc32.ChecksumIEEE([]byte(line))
-    wordlistHash := strconv.FormatUint(uint64(hash), 16)
-    fmt.Println(wordlistHash)
+    outputHash := strconv.FormatUint(uint64(hash), 16)
+    fmt.Println(outputHash)
 }
 // base64 encode function
-func wordlistBase64Encode(line string) {
+func funcBase64Encode(line string) {
     str := base64.StdEncoding.EncodeToString([]byte(line))
     fmt.Println(str)
 }
 // base64 decode function
-func wordlistBase64Decode(line string) {
+func funcBase64Decode(line string) {
     str, err := base64.StdEncoding.DecodeString(line)
     if err != nil {
 		fmt.Println("Wordlist doesn't appear to be base64 encoded.")
         os.Exit(0)
     }
     fmt.Printf("%s\n", str)
 }
-
-// bcrypt encode function
-// https://pkg.go.dev/golang.org/x/crypto/bcrypt
-func getBcrypt(line string) {
-    pwd := []byte(line)
-    hash := hashAndSalt(pwd)
-    fmt.Println(hash)
-}
-func getPwd() []byte {
-var pwd string
-_, err := fmt.Scan(&pwd)
-if err != nil {
-    log.Println(err)
-}
-return []byte(pwd)
-}
-func hashAndSalt(pwd []byte) string {
-hash, err := bcrypt.GenerateFromPassword(pwd, bcrypt.DefaultCost )
-if err != nil {
-    log.Println(err)
-}
-return string(hash)
-}