exploit the possibilities
Showing 1 - 1 of 1 RSS Feed


Windows SMB NTLM Authentication Weak Nonce
Posted Feb 10, 2010
Authored by Hernan Ochoa, Agustin Azubel | Site hexale.org

Flaws in Microsoft's implementation of the NTLM challenge-response authentication protocol causing the server to generate duplicate challenges/nonces and an information leak allow an unauthenticated remote attacker without any kind of credentials to access the SMB service of the target system under the credentials of an authorized user. Depending on the privileges of the user, the attacker will be able to obtain and modify files on the target system and execute arbitrary code. Proof of concept exploit included.

tags | exploit, remote, arbitrary, protocol, proof of concept
advisories | CVE-2010-0231
MD5 | bda076f3b77016ef22d44fd963cc382f
Page 1 of 1

Top Authors In Last 30 Days

packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By