Penetration Testing mailing list archives
Re: brute-forcing NTLM HTTP Authentication
From: Vanja Hrustic <vanja () egloballab com>
Date: Sun, 30 Sep 2001 00:51:52 +0700
On Fri, Sep 28, 2001 at 05:43:44PM -0700, Jason binger wrote:
Does anyone know of a tool or script out there that can brute-force NTLM web authentication that may be used on IIS or ISA server. I know IE explorer is the only browser that supports this auth method. Does anyone have any papers or link on how exactly it works? Is it just tunnelled using HTTP? Or does it use windows auth ports like TCP 139 etc?
Details on NTLM can be found at: http://www.innovation.ch/java/ntlm.html libntlm can be found at: ftp://ftp.visi.com/users/grante/ntlm/ download: ftp://ftp.visi.com/users/grante/ntlm/libntlm-0.21.tar.gz There is also a tools called 'NTLM Authorization Proxy Server' which could be modified and used as a brute force tool. Implementation is in Python. http://www.geocities.com/rozmanov/ntlm/ I started working on a brute force tool for basic/md5/ntlm some time ago, but I just don't have time to play with it at this moment (and at least for another month). Hope this helps. Vanja ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- brute-forcing NTLM HTTP Authentication Jason binger (Sep 29)
- Re: brute-forcing NTLM HTTP Authentication Dave Aitel (Sep 30)
- Re: brute-forcing NTLM HTTP Authentication Vanja Hrustic (Sep 30)
- Re: brute-forcing NTLM HTTP Authentication Denis Ducamp (Sep 30)
- Re: brute-forcing NTLM HTTP Authentication freehold (Sep 30)