Does anyone know of a tool or script out there that can brute-force NTLM web authentication that may be used on IIS or ISA server. I know IE explorer is the only browser that supports this auth method. Does anyone have any papers or link on how exactly it works? Is it just tunnelled using HTTP? Or does it use windows auth ports like TCP 139 etc? I have looked around to no avail. RFP says it will be in whisker 2.0 but i need it now =] Any help appreciated. Jason __________________________________________________ Do You Yahoo!? Listen to your Yahoo! Mail messages from any phone. http://phone.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sat Sep 29 2001 - 10:36:10 PDT