Metasploit mailing list archives
ntlm over http
From: patrick at metasploit.com (Patrick Webster)
Date: Fri, 28 Sep 2007 18:26:16 +1000
Don't forget you still need to replay the hash to the client... so you need IPC$ (135/445) listening and routable. shiftnato just wants to use HTTP challenges (IIS "Integrated Authentication") to grab the auth, as a lot of non-MS clients will block \\server in HTML - but http://evil will be accepted. Firefox supports NTLM HTTP challenges also ;-) -Patrick -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20070928/817cb4a8/attachment.htm>
Current thread:
- ntlm over http warlord (Sep 28)
- ntlm over http Patrick Webster (Sep 28)