Bugtraq mailing list archives
RE: Kerberos login sniffer and cracker for Windows 2000/XP
From: "Jason Coombs" <jasonc () science org>
Date: Sun, 1 Dec 2002 16:24:18 -1000
Aloha, Arne. Where can we find the source code for kerbcrack? It may be useful to point out that Internet Explorer 5.0 and later support Kerberos authentication by way of a Negotiate WWW-Authenticate header that is always sent by IIS paired with a classic NTLM WWW-Authenticate header. IE sends BOTH NTLM and Kerberos authorization data back to IIS, letting it pick the one it prefers to use. Kerbcrack points out the need for IPSec to be used in conjunction with Kerberos, but lazy client implementations that can't be forced to stop using older less-secure authentication methods concurrently with Kerberos are also an ongoing problem. Sincerely, Jason Coombs jasonc () science org -----Original Message----- From: Arne Vidstrom [mailto:arne.vidstrom () ntsecurity nu] Sent: Wednesday, November 27, 2002 8:06 PM To: bugtraq () securityfocus com Subject: Kerberos login sniffer and cracker for Windows 2000/XP Hi all, I've coded a simple Kerberos login sniffer and cracker for Windows 2000/XP that you might find useful. You can find it for download at: http://ntsecurity.nu/toolbox/kerbcrack/ Regards /Arne
Current thread:
- RE: Kerberos login sniffer and cracker for Windows 2000/XP Jason Coombs (Dec 02)