Penetration Testing mailing list archives
[PEN-TEST] Sniffing web-based NT logins
From: "Batten, Gerald" <GBatten () EXOCOM COM>
Date: Thu, 11 Jan 2001 09:55:37 -0500
I was wondering if there was a tool, or if someone knew how to pick it off of a regular sniffer, to pick up the NT has of an NT login over the web. Let me explain... The server is IIS 5.0, the web clients are IE 5.x, and the server is configured to take NT authentication to the protected web pages exclusively. This means that Netscape won't work, and that the passwords are not sent as the standard Base64 encoding. So, how are the passwords transferred, and how would I use a sniffer to pick it up? I'm assuming that they would be Lanman hashes and that I could pull them off the wire somehow and use LophtCrack to guess the passwords? Gerald.
Current thread:
- [PEN-TEST] Sniffing web-based NT logins Batten, Gerald (Jan 11)
- Re: [PEN-TEST] Sniffing web-based NT logins Magus Ba'al (Jan 12)