ntlm – Page 5 – WindowsTechs.com

Is there any existing attempted implementation of GSS-API/SPNEGO/GSS-SPNEGO for anything other than Kerberos / NTLM?

Posted on July 12, 2019 by Eran Medan

I’m aware that SPNEGO is de-facto only used in the wild for Kerberos or NTLM. Is there any research / academic / educational example on how it can be also used for other mechanisms as well?

Continue reading Is there any existing attempted implementation of GSS-API/SPNEGO/GSS-SPNEGO for anything other than Kerberos / NTLM?→

10 Things You Need to Know About Kerberos

Posted on June 24, 2019 by Eran Cohen

As our research team continues to find vulnerabilities in Microsoft that bypass all major NTLM protection mechanisms, we start to wonder about the successor protocol that replaced NTLM in Windows versions above Windows 2000.
Enter Kerberos. Every … Continue reading 10 Things You Need to Know About Kerberos→

How to Easily Bypass EPA to Compromise any Web Server that Supports Windows Integrated Authentication

Posted on June 11, 2019 by Yaron Zinar

As announced in our recent security advisory, Preempt researchers discovered how to bypass the Enhanced Protection for Authentication (EPA) mechanism to successfully launch NTLM relay attacks on any server that supports WIA (Windows Integrated Aut… Continue reading How to Easily Bypass EPA to Compromise any Web Server that Supports Windows Integrated Authentication→

What State-Sponsored Attacks Can Teach Us About Conditional Access

Posted on May 3, 2019 by Nir Yosha

People often think that state-sponsored attacks from groups like Lazarus (North Korea), Fancy Bear (Russia) or menuPass (China) only target public federal organizations in Western nations like the U.S. This is simply not the case. In fact, attacks… Continue reading What State-Sponsored Attacks Can Teach Us About Conditional Access→

I need help cracking NTLM hashes [on hold]

Posted on April 22, 2019 by Javashket

need help cracking these NTLM hashes 853889953055D66CF11F6BE1F261E50A
8E507986CFC0085BB1D7B8A7C34A54AC mixalpha-numeric

Continue reading I need help cracking NTLM hashes [on hold]→

Extracted LM Hashes doesnt match actual password

Posted on April 13, 2019 by Thiago

I’m new to LM Hashing and Windows authentication, and I’m having problems with LM hashes.

I’ve created 2 accounts with the password “123”, and both of them have different hashes, and none of the hashes match any online LM Ca… Continue reading Extracted LM Hashes doesnt match actual password→

Local account authentication protocol

Posted on March 20, 2019 by Gal Kaptsenel

I know that in a domain enviroment there are two ways to authenticate users:

NTLM and Kerberos.

But, in a non-domain enviroment, what is exactly the protocol that takes place when trying to authenticate remotly?
Both NTLM a… Continue reading Local account authentication protocol→

Is it secure to start a NTLM handshake not knowing if the server supports it?

Posted on March 8, 2019 by J. Doe

I am writing a program in Python using the requests-ntlm library. That library adds support for NTLM in regular requests:

import requests
from requests_ntlm import HttpNtlmAuth
requests.get(“http://ntlm_protected_site.com”,a… Continue reading Is it secure to start a NTLM handshake not knowing if the server supports it?→

Data-tracking Chrome flaw triggered by viewing PDFs

Posted on March 1, 2019 by John E Dunn

Researchers have spotted an unusual ‘trackware’ attack triggered by a viewing a PDF inside the Chrome browser. Continue reading Data-tracking Chrome flaw triggered by viewing PDFs→

Adobe patches the same critical Reader flaw twice in one week

Posted on February 25, 2019 by John E Dunn

Adobe has issued a new fix addressing a vulnerability in Reader it thought it had fixed on 12 February as part of Patch Tuesday. Continue reading Adobe patches the same critical Reader flaw twice in one week→