Re: brute-forcing NTLM HTTP Authentication

[Vanja Hrustic <vanja () egloballab com>]

On Fri, Sep 28, 2001 at 05:43:44PM -0700, Jason binger wrote:
> Does anyone know of a tool or script out there that
> can brute-force NTLM web authentication that may be
> used on IIS or ISA server. 
>
> I know IE explorer is the only browser that supports
> this auth method. Does anyone have any papers or link
> on how exactly it works? Is it just tunnelled using
> HTTP? Or does it use windows auth ports like TCP 139
> etc?

Details on NTLM can be found at:

http://www.innovation.ch/java/ntlm.html

libntlm can be found at:

ftp://ftp.visi.com/users/grante/ntlm/

download: ftp://ftp.visi.com/users/grante/ntlm/libntlm-0.21.tar.gz  

There is also a tools called 'NTLM Authorization Proxy Server' which could be modified and used as a brute force tool. 
Implementation is in Python.

http://www.geocities.com/rozmanov/ntlm/

I started working on a brute force tool for basic/md5/ntlm some time ago, but I just don't have time to play with it at 
this moment (and at least   
for another month). 

Hope this helps.

Vanja

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/