Metasploit mailing list archives
MS08-067 Authentication against NTLMv2
From: one.miguel at gmail.com (Juan Miguel Paredes)
Date: Mon, 10 Nov 2008 10:23:40 +0100
Hi, We are testing the MS08-067 module in our environment and found that it does not work against production systems which are forcing NTLMv2 authentication. I've tested against a system where the authentication has not been forced and it works against that. Looking at the packets and the responses, after the NULL authentication attempt, I get "ACCESS_DENIED". Is there a way to enable NTLMv2 authentication in the module? I've confirmed that I can manually connect to the production system with a NULL session outside of the framework (using net use). Alternatively, can the framework use an existing connection (i.e. net use \\ 10.0.0.1\ipc$ "" /U:"") and just send the 'sploit code that way? Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20081110/0c3d3b44/attachment.htm>
Current thread:
- MS08-067 Authentication against NTLMv2 Juan Miguel Paredes (Nov 10)
- MS08-067 Authentication against NTLMv2 Juan Miguel Paredes (Nov 10)
- MS08-067 Authentication against NTLMv2 Ron (Nov 10)
- MS08-067 Authentication against NTLMv2 Juan Miguel Paredes (Nov 10)
- MS08-067 Authentication against NTLMv2 H D Moore (Nov 10)
- MS08-067 Authentication against NTLMv2 Ron (Nov 10)
- MS08-067 Authentication against NTLMv2 Juan Miguel Paredes (Nov 10)