Jump to content
SirGod

ADV170014 NTLM SSO: Exploitation Guide

Recommended Posts

The vulnerability

 

It is a known issue that Microsoft NTLM architecture has some failures, hash stealing is not something new, it is one of the first things a pentester tries when attacking a Microsoft environment.

But, most of these techniques require user intervention or traffic interception to fulfill the attack.

These new attacks require no user interaction, everything is done from the attacker’s side, but of course, there are some conditions that need to be met to be successful with this attack.

 

Link articol: http://www.sysadminjd.com/adv170014-ntlm-sso-exploitation-guide/

  • Upvote 9
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...