git clone https://github.com/miketeo/pysmb.git
python setup.py install

Then drop this in test.py

import sys
import pprint
from smb.SMBConnection import SMBConnection
from util import getConnectionInfo

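# The leading "!" in the password argument is the marker that the patched
# generateChallengeResponseV2 in smb/ntlm.py looks for: the rest of the string
# is read as the NT hash in hex (":" separators are stripped) instead of being
# hashed as a cleartext password.
conn = SMBConnection("UserAccount", "!31:70:ae:1e:3e:NT:LM:Hash:Goes:Here:a9:37:fc:e3", "Your IP Here", "RemoteHostname", use_ntlm_v2 = True, is_direct_tcp = True)
try:
    # is_direct_tcp=True goes with port 445 (SMB directly over TCP).
    # With is_direct_tcp=False pysmb speaks NetBIOS session service, port 139.
    # connect() returns the authentication result, so check it rather than
    # letting listShares() fail later with a less obvious error.
    if not conn.connect("RemoteHostName", 445):
        raise SystemExit("SMB authentication failed")
    for share in conn.listShares():
        print(share.name.lower())
finally:
    # Always release the socket, including when connect() or listShares() raises.
    conn.close()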

# pretty print loaded modules
#pprint.pprint(sys.modules)

#filelist = conn.listPath('shared_folder_name', '/')

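Modify generateChallengeResponseV2 in Python\pysmb\python3\smb\ntlm.py as shown below; the change makes a password that starts with "!" be read as a hex NT hash instead of being hashed with MD4: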

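def generateChallengeResponseV2(password, user, server_challenge, server_info, domain = '', client_challenge = None):
    """Build the NTLMv2 NT and LM challenge responses and the session key.

    This is a locally modified version of the pysmb routine: a ``password``
    that starts with ``"!"`` is treated as the NT hash itself (hex, optional
    ``:`` separators) and is used directly as the HMAC key. Everything after
    that point is keyed on the NT hash alone and never needs the cleartext,
    which is why an NT hash has to be protected like the password it came from.

    NOTE(review): a genuine password that begins with "!" can no longer be
    used with this function; it will be parsed as hex and either raise or
    authenticate with the wrong key.

    Args:
        password: Cleartext password, or ``"!" + hex NT hash``.
        user: Account name; upper-cased before it is mixed into the key.
        server_challenge: Challenge bytes taken from the server's message.
        server_info: Target-info bytes echoed back inside the response.
        domain: Domain name appended to the upper-cased user name.
        client_challenge: Optional 8-byte client nonce; generated if falsy.

    Returns:
        Tuple ``(nt_challenge_response, lm_challenge_response, session_key)``.

    Raises:
        AssertionError: If ``client_challenge`` is not exactly 8 bytes.
        ValueError: If a ``"!"``-prefixed password is not valid hex.
    """
    # The timestamp field is left as eight zero bytes, not the current time.
    client_timestamp = b'\0' * 8

    if not client_challenge:
        # The client challenge is a protocol nonce, so draw it from the OS
        # CSPRNG. The module-level Mersenne Twister is predictable and can be
        # seeded by any other code in the process.
        csprng = random.SystemRandom()
        client_challenge = bytes(csprng.getrandbits(8) for _ in range(8))

    assert len(client_challenge) == 8

    if password.startswith("!"):
        # Hash supplied directly: strip the marker and separators, decode hex.
        ntlm_hash = bytes.fromhex(password[1:].replace(":", ""))
    else:
        d = MD4()
        d.update(password.encode('UTF-16LE'))
        ntlm_hash = d.digest()   # The NT password hash
        # NOTE(review): debug output. This writes the NT hash to stdout, and
        # the hash is a password-equivalent secret for NTLM, so it will end up
        # in any captured console output or log.
        print("b'" + ''.join('\\x{:02x}'.format(x) for x in ntlm_hash) + "'")

    # The NTLMv2 password hash. In [MS-NLMP], this is the result of the
    # NTOWFv2 and LMOWFv2 functions.
    response_key = hmac.new(ntlm_hash, (user.upper() + domain).encode('UTF-16LE'), 'md5').digest()
    # Client blob: two 0x01 bytes, 6 zero bytes, timestamp, client challenge,
    # 4 zero bytes, then the server-supplied info.
    temp = b'\x01\x01' + b'\0'*6 + client_timestamp + client_challenge + b'\0'*4 + server_info
    ntproofstr = hmac.new(response_key, server_challenge + temp, 'md5').digest()

    nt_challenge_response = ntproofstr + temp
    lm_challenge_response = hmac.new(response_key, server_challenge + client_challenge, 'md5').digest() + client_challenge
    session_key = hmac.new(response_key, ntproofstr, 'md5').digest()
    # Debug aid kept from the original: print the call stack that led here,
    # which shows where in pysmb the session-challenge handling calls this.
    for line in traceback.format_stack():
        print(line.strip())
    return nt_challenge_response, lm_challenge_response, session_key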

Z:\Programming\Python\pysmb\python3\tests\SMBConnectionTests>test.py
File “Z:\Programming\Python\pysmb\python3\tests\SMBConnectionTests\test.py”, line 7, in
conn.connect(“Hostname”, 445)
File “C:\Users\User\AppData\Local\Programs\Python\Python38-32\lib\site-packages\pysmb-1.1.28-py3.8.egg\smb\SMBConnection.py”, line 124, in connect
self._pollForNetBIOSPacket(timeout)
File “C:\Users\User\AppData\Local\Programs\Python\Python38-32\lib\site-packages\pysmb-1.1.28-py3.8.egg\smb\SMBConnection.py”, line 634, in _pollForNetBIOSPacket
self.feedData(data)
File “C:\Users\User\AppData\Local\Programs\Python\Python38-32\lib\site-packages\pysmb-1.1.28-py3.8.egg\nmb\base.py”, line 54, in feedData
self._processNMBSessionPacket(self.data_nmb)
File “C:\Users\User\AppData\Local\Programs\Python\Python38-32\lib\site-packages\pysmb-1.1.28-py3.8.egg\nmb\base.py”, line 75, in _processNMBSessionPacket
self.onNMBSessionMessage(packet.flags, packet.data)
File “C:\Users\User\AppData\Local\Programs\Python\Python38-32\lib\site-packages\pysmb-1.1.28-py3.8.egg\smb\base.py”, line 144, in onNMBSessionMessage
if self._updateState(self.smb_message):
File “C:\Users\User\AppData\Local\Programs\Python\Python38-32\lib\site-packages\pysmb-1.1.28-py3.8.egg\smb\base.py”, line 285, in _updateState_SMB2
self._handleSessionChallenge(message, ntlm_token)
File “C:\Users\User\AppData\Local\Programs\Python\Python38-32\lib\site-packages\pysmb-1.1.28-py3.8.egg\smb\base.py”, line 367, in _handleSessionChallenge_SMB2
nt_challenge_response, lm_challenge_response, session_key = ntlm.generateChallengeResponseV2(self.password,
File “C:\Users\User\AppData\Local\Programs\Python\Python38-32\lib\site-packages\pysmb-1.1.28-py3.8.egg\smb\ntlm.py”, line 178, in generateChallengeResponseV2
for line in traceback.format_stack():
admin$
c$
d$
ipc$
print$
myShare
