Questions tagged [ntlm]

NT LAN Manager (NTLM) is a series of protocols developed by Microsoft.

52 questions
3
votes
1 answer

How to check whether NTLM v2 or v1 is used for authentication?

Which tool should I use to check which NTLM authentication is used? Consider the fact that I am a user of the web application and not the owner. Are there any security concerns if a site uses NTLM authentication compared to form-based…
one
  • 1,781
  • 3
  • 18
  • 45
2
votes
1 answer

Security behind "Windows Security" Feature

With the Windows Security authentication mechanism active, there are cases where the user-login popup comes up. Are this username and password sent encrypted, or are they sent as plain text as the auth-basic protocol does? I wrote a more detailed…
manou
  • 23
  • 3
2
votes
1 answer

Does NTLM authentication via HTTP not need a user name?

Because of a vulnerability that has been found in Exchange Server I was trying to run that attack on our local system to see if the workaround can successfully prevent it. I found a description of NTLM Authentication for HTTP which describes three…
Arminius
  • 33
  • 1
  • 3
2
votes
1 answer

Obtain NetNTLM/NTLM hash or login

In one CTF, I encountered a task that is solved by getting NetNTLM \ NTLM or just getting the username. Tell me, please, is there any protocol that automatically sends NetNTLM / NTLM or the username when the connection is initialized? The victim uses…
Sp1nal
  • 21
  • 2
2
votes
1 answer

Tools and computer specs for password cracking

To polish my penetration testing skills I want to attempt to crack NTLM/NTLMv2 hashes (via dictionary/wordlist attack) extracted from Active Directory / SAM database, where the underlying passwords consist of 14+ characters, and have a few questions…
2
votes
1 answer

NTLMv2 Hash harvesting remotely

I'm experimenting with ways to harvest NTLMv2 hashes remotely. Responder.py is perhaps the most widely used mechanism (these days) to perform the task, but I'm unsure if it's even possible to utilize it remotely. Ideally what I'd like to do is run…
DKNUCKLES
  • 9,237
  • 2
  • 37
  • 47
2
votes
1 answer

How to "Pass the hash" when LM hash is disabled?

I ran the NTLM_stealer metasploit module and ended up with the following results: LMHASH:Disabled NTHASH:008940f335e9b2ddc182bb5b960a0c5bad0b125cbee3cf84 I was wondering if there is way to successfully use the pass the hash technique with just the…
JohnnyHunter
  • 233
  • 1
  • 7
1
vote
1 answer

Can a corporate proxy downgrade an SSL handshake?

At work, I'm behind an NTLM Proxy. When the SSL Poodle flaw came out, I hardened the configuration of my private server, and found out that even if the client and server shared common ciphers, some configurations led to unsuccessful handshakes. I…
Cilyan
  • 183
  • 6
1
vote
1 answer

Identifying hash format captured via Metasploit

When I use the nbns_response module in Metasploit, and set it to write captured responses to a file in the john format, I get a file with lines such as…
Bo Jeffrey
  • 11
  • 3
1
vote
0 answers

Passing the hash with metasploit and psexec not working - why?

I am currently doing a penetration test, and have captured a bunch of NTLM hashes via NBNS spoofing. An example (this is not taken from what I captured, and is random, but the format is the same) would be: [*] SMB Captured - 2014-12-11 11:20:00…
1
vote
1 answer

How is NTLM SSO performed on smartcard Kerberos logon?

I have been researching Kerberos and NTLM for the last couple of days and still have one thing unresolved. After an interactive logon with Kerberos, you will have both Kerberos tickets and NTLM hashes in the cached credentials. I figured…
1
vote
0 answers

Hardware for password cracking

I'm planning to extend my pentest services to Password Cracking, to be more precise: cracking Active Directory passwords, extracted from the customer's Active Directory in order to check users' passwords. Now I did some research, but there are so many…
1
vote
0 answers

Is the ability to export HKEY_LOCAL_MACHINE\SAM and HKEY_LOCAL_MACHINE\SYSTEM as .reg files a security concern?

I am concerned that if it is possible to copy these as .reg files (without privs) and then (on another machine) reverse the .hiv files from them... this would probably be bad, which makes me think it's likely not possible. Has this/is this done to…
1
vote
1 answer

Is it possible to make a Pass-The-Hash attack with Responder?

The tool Responder, written in Python, permits listening for requests on a specific network card and automatically poisoning victims to steal NTLMv1 and NTLMv2 hashes. The Pass-The-Hash attack permits connecting to a service like SMB. I am a little…
1
vote
2 answers

NTLM Modern usage

I understand that Kerberos is the recent authentication protocol used in Windows environments and that NTLM is still supported for interoperability only. I want to know, in non-domain environments, if I am logging in to my own PC at home which has…
665bassem
  • 11
  • 1