RE: Kerberos login sniffer and cracker for Windows 2000/XP

From: Jason Coombs (jasoncat_private)
Date: Sun Dec 01 2002 - 18:24:18 PST


    Aloha, Arne.
    
    Where can we find the source code for kerbcrack?
    
    It may be useful to point out that Internet Explorer 5.0 and later support
    Kerberos authentication by way of a Negotiate WWW-Authenticate header that
    is always sent by IIS paired with a classic NTLM WWW-Authenticate header. IE
    sends BOTH NTLM and Kerberos authorization data back to IIS, letting it pick
    the one it prefers to use.
    
    Kerbcrack points out the need for IPSec to be used in conjunction with
    Kerberos, but lazy client implementations that can't be forced to stop using
    older less-secure authentication methods concurrently with Kerberos are also
    an ongoing problem.
    
    Sincerely,
    
    Jason Coombs
    jasoncat_private
    
    -----Original Message-----
    From: Arne Vidstrom [mailto:arne.vidstromat_private]
    Sent: Wednesday, November 27, 2002 8:06 PM
    To: bugtraqat_private
    Subject: Kerberos login sniffer and cracker for Windows 2000/XP
    
    
    Hi all,
    
    I've coded a simple Kerberos login sniffer and cracker for Windows 2000/XP
    that you might find useful. You can find it for download at:
    
    http://ntsecurity.nu/toolbox/kerbcrack/
    
    Regards /Arne
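
An added example, not part of either message and not kerbcrack's code: a defender-side audit of the behaviour described in the reply, reporting whether a server still offers NTLM next to Negotiate and whether a client's Authorization token carries or lists NTLM rather than Kerberos only. The function names and sample data are constructed for illustration, and mechanism detection assumes a byte search for known OIDs is sufficient.

```python
import base64

# DER-encoded mechanism OIDs as they appear inside GSS-API/SPNEGO tokens.
OIDS = {
    "SPNEGO": bytes.fromhex("06062b0601050502"),           # 1.3.6.1.5.5.2
    "Kerberos5": bytes.fromhex("06092a864886f712010202"),  # 1.2.840.113554.1.2.2
    "NTLMSSP": bytes.fromhex("060a2b06010401823702020a"),  # 1.3.6.1.4.1.311.2.2.10
}

def offered_schemes(raw_headers):
    """Return the scheme named on each WWW-Authenticate line, in order."""
    schemes = []
    for line in raw_headers.splitlines():
        name, _, value = line.partition(":")
        if name.strip().lower() == "www-authenticate" and value.strip():
            schemes.append(value.split()[0])
    return schemes

def classify_token(authorization_value):
    """Report which mechanism(s) an Authorization header token carries."""
    scheme, _, b64 = authorization_value.strip().partition(" ")
    blob = base64.b64decode(b64.strip())
    if blob.startswith(b"NTLMSSP\x00"):  # raw NTLM message signature
        return {"scheme": scheme, "kind": "raw NTLM", "mechs": ["NTLMSSP"]}
    if blob[:1] == b"\x60":  # GSS-API token; OID byte search is a heuristic
        mechs = [name for name, oid in OIDS.items() if oid in blob]
        return {"scheme": scheme, "kind": "GSS-API", "mechs": mechs}
    return {"scheme": scheme, "kind": "unknown", "mechs": []}

def audit(raw_headers, authorization_values):
    """List every place NTLM is still offered or used next to Kerberos."""
    findings = []
    if "ntlm" in [s.lower() for s in offered_schemes(raw_headers)]:
        findings.append("server offers a bare NTLM challenge")
    for value in authorization_values:
        info = classify_token(value)
        if "NTLMSSP" in info["mechs"]:
            findings.append(f"{info['scheme']} token ({info['kind']}) includes NTLM")
    return findings

# Constructed sample data: a 401 response and two client Authorization values.
SAMPLE_RESPONSE = ("HTTP/1.1 401 Unauthorized\r\n"
                   "WWW-Authenticate: Negotiate\r\nWWW-Authenticate: NTLM\r\n")
_spnego = (bytes.fromhex("6027") + OIDS["SPNEGO"] + bytes.fromhex("a01d301ba0193017")
           + OIDS["Kerberos5"] + OIDS["NTLMSSP"])  # NegTokenInit, mechTypes only
SAMPLE_NTLM = "NTLM " + base64.b64encode(b"NTLMSSP\x00\x01\x00\x00\x00\x07\x82\x08\x00").decode()
SAMPLE_SPNEGO = "Negotiate " + base64.b64encode(_spnego).decode()

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_RESPONSE, [SAMPLE_NTLM, SAMPLE_SPNEGO])))
```

An empty result from `audit` means the captured exchange showed Kerberos only; any finding marks a place where the NTLM fallback is still reachable.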
    



    This archive was generated by hypermail 2b30 : Mon Dec 02 2002 - 11:26:57 PST