RE: Kerberos login sniffer and cracker for Windows 2000/XP

["Jason Coombs" <jasonc () science org>]

Aloha, Arne.

Where can we find the source code for kerbcrack?

It may be useful to point out that Internet Explorer 5.0 and later support
Kerberos authentication by way of a Negotiate WWW-Authenticate header that
is always sent by IIS paired with a classic NTLM WWW-Authenticate header. IE
sends BOTH NTLM and Kerberos authorization data back to IIS, letting it pick
the one it prefers to use.

Kerbcrack points out the need for IPSec to be used in conjunction with
Kerberos, but lazy client implementations that can't be forced to stop using
older less-secure authentication methods concurrently with Kerberos are also
an ongoing problem.

Sincerely,

Jason Coombs
jasonc () science org

-----Original Message-----
From: Arne Vidstrom [mailto:arne.vidstrom () ntsecurity nu]
Sent: Wednesday, November 27, 2002 8:06 PM
To: bugtraq () securityfocus com
Subject: Kerberos login sniffer and cracker for Windows 2000/XP


Hi all,

I've coded a simple Kerberos login sniffer and cracker for Windows 2000/XP
that you might find useful. You can find it for download at:

http://ntsecurity.nu/toolbox/kerbcrack/

Regards /Arne