Lotus Domino 8.5

Lotus Domino 8.5 – Users’ Password Hashes Retriever

Updated my GitHub to include a new script and added a link to my GitHub page on the sidebar of this blog. The script in question is fetchDomino, a utility that allows you to dump all Lotus Domino users’ password hashes. This script was created to replace Domino Raptor, which did not work for me during testing of Lotus Domino 8.5.

In a few words, this script can be used when we get access to Domino’s names.nsf file. Some servers may have this file completely exposed to the Internet; others require authentication, so a brute-force attack or another attack vector may be required to get in. Once you have access to names.nsf, fetchDomino will come in very handy, as it will collect all users’ hashes in the database for you. Then use the JtR jumbo patch with the “lotus5” format to crack these hashes.
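A defender-side check for the two conditions described above, as an added example that is not part of the original post or of fetchDomino: it scans web access logs for anonymous successful reads of names.nsf and for repeated failed logins against it. The log lines are constructed and assume Common Log Format with the authenticated user in the third field; the threshold and the function name `audit` are assumptions.

```python
import re
from collections import Counter

# Assumed layout (Common Log Format): host ident authuser [date] "request" status bytes
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)
# names.nsf as a path component; case-insensitive so /Names.nsf is not missed.
NAMES_RE = re.compile(r'/names\.nsf(?:[/?]|$)', re.IGNORECASE)
FAILED_AUTH_THRESHOLD = 3  # assumption: tune to your environment


def audit(lines, threshold=FAILED_AUTH_THRESHOLD):
    """Return (anonymous_reads, brute_force_sources) for names.nsf requests."""
    anonymous_reads = []   # (host, path) served with no authenticated user
    failed = Counter()     # host -> number of 401 responses on names.nsf
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not NAMES_RE.search(m["path"]):
            continue
        status = int(m["status"])
        if status == 200 and m["user"] == "-":
            anonymous_reads.append((m["host"], m["path"]))
        elif status == 401:
            failed[m["host"]] += 1
    brute = sorted(h for h, n in failed.items() if n >= threshold)
    return anonymous_reads, brute


# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Mar/2012:10:00:01 +0000] "GET /names.nsf HTTP/1.1" 200 5120',
    '203.0.113.9 - - [10/Mar/2012:10:01:00 +0000] "GET /names.nsf HTTP/1.1" 401 210',
    '203.0.113.9 - - [10/Mar/2012:10:01:01 +0000] "GET /names.nsf HTTP/1.1" 401 210',
    '203.0.113.9 - - [10/Mar/2012:10:01:02 +0000] "GET /Names.nsf HTTP/1.1" 401 210',
    '192.0.2.20 - jsmith [10/Mar/2012:10:02:00 +0000] "GET /names.nsf HTTP/1.1" 200 900',
    '192.0.2.30 - - [10/Mar/2012:10:03:00 +0000] "GET /index.html HTTP/1.1" 200 400',
]

if __name__ == "__main__":
    anon, brute = audit(SAMPLE_LOG)
    for host, path in anon:
        print(f"names.nsf served without authentication: {host} {path}")
    for host in brute:
        print(f"repeated failed logins on names.nsf from: {host}")
```

Any anonymous hit means the directory's ACL allows unauthenticated readers and should be tightened; hosts on the second list are candidates for lockout or blocking.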

If you are looking for a guide on how to hack Lotus Domino, refer to the document below:

http://dsecrg.com/files/pub/pdf/Penetration_from_application_down_to_OS_(Lotus_Domino).pdf

 
