Re: brute-forcing NTLM HTTP Authentication

From: Vanja Hrustic (vanja@egloballab.com)
Date: 09/29/01

Previous message: Olasupo Lawal: "RE: HTTP PUT exploitation"
In reply to: Jason binger: "brute-forcing NTLM HTTP Authentication"
Next in thread: Denis Ducamp: "Re: brute-forcing NTLM HTTP Authentication"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 30 Sep 2001 00:51:52 +0700
From: Vanja Hrustic <vanja@egloballab.com>
To: Jason binger <cisspstudy@yahoo.com>
Subject: Re: brute-forcing NTLM HTTP Authentication
Message-ID: <20010930005152.A4785@egloballab.com>

On Fri, Sep 28, 2001 at 05:43:44PM -0700, Jason binger wrote:
> Does anyone know of a tool or script out there that
> can brute-force NTLM web authentication that may be
> used on IIS or ISA server.
>
> I know IE explorer is the only browser that supports
> this auth method. Does anyone have any papers or link
> on how exactly it works? Is it just tunnelled using
> HTTP? Or does it use windows auth ports like TCP 139
> etc?

Details on NTLM can be found at:

http://www.innovation.ch/java/ntlm.html

libntlm can be found at:

ftp://ftp.visi.com/users/grante/ntlm/

download: ftp://ftp.visi.com/users/grante/ntlm/libntlm-0.21.tar.gz

There is also a tools called 'NTLM Authorization Proxy Server' which could be modified and used as a brute force tool. Implementation is in Python.

http://www.geocities.com/rozmanov/ntlm/

I started working on a brute force tool for basic/md5/ntlm some time ago, but I just don't have time to play with it at this moment (and at least
for another month).

Hope this helps.

Vanja

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Previous message: Olasupo Lawal: "RE: HTTP PUT exploitation"
In reply to: Jason binger: "brute-forcing NTLM HTTP Authentication"
Next in thread: Denis Ducamp: "Re: brute-forcing NTLM HTTP Authentication"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

brute-forcing NTLM HTTP Authentication
... Subject: brute-forcing NTLM HTTP Authentication ... This list is provided by the SecurityFocus Security Intelligence Alert ...
(Pen-Test)
Re: brute-forcing NTLM HTTP Authentication
... Subject: brute-forcing NTLM HTTP Authentication ... You may take a look at fetchmail, it can make NTLM auth to IMAP servers. ... This list is provided by the SecurityFocus Security Intelligence Alert Service. ...
(Pen-Test)