On Fri, Sep 28, 2001 at 05:43:44PM -0700, Jason binger wrote: > Does anyone know of a tool or script out there that > can brute-force NTLM web authentication that may be > used on IIS or ISA server. > > I know IE explorer is the only browser that supports > this auth method. Does anyone have any papers or link > on how exactly it works? Is it just tunnelled using > HTTP? Or does it use windows auth ports like TCP 139 > etc? Details on NTLM can be found at: http://www.innovation.ch/java/ntlm.html libntlm can be found at: ftp://ftp.visi.com/users/grante/ntlm/ download: ftp://ftp.visi.com/users/grante/ntlm/libntlm-0.21.tar.gz There is also a tools called 'NTLM Authorization Proxy Server' which could be modified and used as a brute force tool. Implementation is in Python. http://www.geocities.com/rozmanov/ntlm/ I started working on a brute force tool for basic/md5/ntlm some time ago, but I just don't have time to play with it at this moment (and at least for another month). Hope this helps. Vanja ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sun Sep 30 2001 - 12:59:40 PDT