Agent: Add comment regarding NTLM hashes to format_password()

monkey/infection_monkey/exploit/powershell_utils/powershell_client.py

@@ -27,6 +27,18 @@ def _set_sensitive_packages_log_level_to_error():
         logging.getLogger(package.__name__).setLevel(logging.ERROR)
 
 
+# The pypsrp library requires LM or NT hashes to be formatted like "LM_HASH:NT_HASH"
+#
+# Example:
+# If your LM hash is 1ec78eb5f6edd379351858c437fc3e4e and your NT hash is
+# 79a760336ad8c808fee32aa96985a305, then you would pass
+# "1ec78eb5f6edd379351858c437fc3e4e:79a760336ad8c808fee32aa96985a305" as the
+# `password` parameter to pypsrp.
+#
+# In our case, we have a set of NT hashes and a set of LM hashes, but we don't
+# know if any particular LM/NT hash pair was generated from the same password.
+# To avoid confusion, we pair each NT or LM hash with a dummy (i.e. all zeros)
+# hash.
 def format_password(credentials: Credentials) -> Optional[str]:
     if credentials.secret_type == SecretType.CACHED:
         return None