Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Security

Submission + - NTLM 100 Percent Broken Using Hashes Derived from Captures (blogspot.com)

uCallHimDrJ0NES writes: Security researcher Mark Gamache has used Moxie Marlinspike's Cloudcracker to derive hashes from captured NTLM handshakes, resulting in successful pass-the-hash attacks. It's been going on for a long time, probably, but this is the first time a "white hat" has researched and exposed the how-to details for us all to enjoy. Microsoft has posted a little guidance for those who need to turn off NTLM: http://support.microsoft.com/kb/2793313. Have fun explaining your new security project to your management, server admins!
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

NTLM 100 Percent Broken Using Hashes Derived from Captures

Comments Filter:

The amount of time between slipping on the peel and landing on the pavement is precisely 1 bananosecond.

Working...