Recent #TryHackMe room inspired me to publish blog about Decryption of #SMB traffic.
Summarized 3 methods of decryption in #Wireshark:
- with user password
- with NTLM hash
- without them, just by cracking the captured #network traffic
https://malwarelab.eu/posts/tryhackme-smb-decryption/
#cryptography #networkanalysis #networktrafficanalysis #networktraffic #samba #encryption
MalwareLab /
npub1ks…h07l5
2024-08-15 18:24:28
Author Public Key
npub1ksxp2k6449prsqz6e3uq4k87hzw64v6c6u7zqdw9u99ev2y7gfpsnh07l5Published at
2024-08-15 18:24:28Event JSON
{
"id": "a5a79267e5dffd721ba898b48b8d334ebdd8826e93c702d768fd2034951b5c44",
"pubkey": "b40c155b55a94238005acc780ad8feb89daab358d73c2035c5e14b96289e4243",
"created_at": 1723746268,
"kind": 1,
"tags": [
[
"t",
"TryHackMe"
],
[
"t",
"tryhackme"
],
[
"t",
"SMB"
],
[
"t",
"smb"
],
[
"t",
"Wireshark"
],
[
"t",
"wireshark"
],
[
"t",
"network"
],
[
"t",
"cryptography"
],
[
"t",
"networkanalysis"
],
[
"t",
"networktrafficanalysis"
],
[
"t",
"networktraffic"
],
[
"t",
"samba"
],
[
"t",
"encryption"
]
],
"content": "Recent #TryHackMe room inspired me to publish blog about Decryption of #SMB traffic.\n\u2029Summarized 3 methods of decryption in #Wireshark:\u2028- with user password\u2028- with NTLM hash\u2028- without them, just by cracking the captured #network traffic\n\u2029https://malwarelab.eu/posts/tryhackme-smb-decryption/\n\n\u2029#cryptography #networkanalysis #networktrafficanalysis #networktraffic #samba #encryption",
"sig": "d8e93e21f250b38c669d5a9feacef4c4626b087a1ad5315e5775b96666a4492d9c50dfbde2bd5f555d7e40698d2c9d021cdeb0052801b150018b5e53667f4f84"
}