Penetration Testing mailing list archives

Re: brute-forcing NTLM HTTP Authentication

From: freehold () erols com
Date: Sat, 29 Sep 2001 16:49:29 -0400

Lanman's challenge/response-based and it can cave when bruteforced. 
There was a patch released some time ago because of a potential
Lophtcrack brute-force between IIs & clients w/ WEC (ME & anything with
Office2000).  WEC didn't play nice with IE zone settings.  Ditto a 2k
telnet client/ntlm problem (the client is 'optional' but enabled by
default I think).   Ditto Netbios/ntlm.  Windows sends the auths without
telling users, another example of 'transparency' I guess? ;)  

My favorite ntlm-for-dummies:  http://www.innovation.ch/java/ntlm.html

Missy

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

brute-forcing NTLM HTTP Authentication Jason binger (Sep 29)
- Re: brute-forcing NTLM HTTP Authentication Dave Aitel (Sep 30)
- Re: brute-forcing NTLM HTTP Authentication Vanja Hrustic (Sep 30)
- Re: brute-forcing NTLM HTTP Authentication Denis Ducamp (Sep 30)
- Re: brute-forcing NTLM HTTP Authentication freehold (Sep 30)