script to generate the NT hash for a password string (for NTLMv2 auth, etc). OpenSSL config was tested on Fedora 42.
$ nthash --help
Generate NT Hash from password string.
Usage: nthash '<password>'
To use the generated hash in Go as []byte:
hashBytes, _ := hex.DecodeString("<hash>")
$ nthash Password123
58A478135A93AC3BF058A5EA0E8FDB71
| #!/bin/bash | |
| dp0="$(cd "$(dirname "$(readlink -f "$0")")" && pwd)" | |
| OPENSSL_CONF="$dp0/nthash_openssl.cnf" python $dp0/nthash.py $1 |
| #!/usr/bin/python | |
| import sys | |
| import hashlib | |
| usage = f""" | |
| Generate NT Hash from password string. | |
| Usage: nthash '<password>' | |
| To use the generated hash in Go as []byte: | |
| hashBytes, _ := hex.DecodeString("<hash>") | |
| """ | |
| if len(sys.argv) < 2 or not sys.argv[1] or sys.argv[1].strip() == "" or sys.argv[1].strip() == "--help" or sys.argv[1].strip() == "-h": | |
| print(usage) | |
| sys.exit(1) | |
| passwd = sys.argv[1].strip() | |
| print(hashlib.new('md4', passwd.encode('utf-16le')).hexdigest().upper()) | |
| openssl_conf = openssl_init | |
| [openssl_init] | |
| providers = provider_sect | |
| [provider_sect] | |
| default = default_sect | |
| legacy = legacy_sect | |
| [default_sect] | |
| activate = 1 | |
| [legacy_sect] | |
| activate = 1 |