Full Disclosure mailing list archives

Re: NTLM Multiprotocol Replay attacks

From: yersinia <yersinia.spiros () gmail com>
Date: Sun, 16 Nov 2008 14:13:42 +0100

smbrelay in origin was, some years ago, created by CDC. M$ smb signing do it
historic. This tool is an evolution of this ?

Regards

On Fri, Nov 14, 2008 at 9:37 PM, Andres Tarasco <atarasco () gmail com> wrote:

I have published a new proof of concept tool, named "Smbrelay3", that is
able to replay NTLM authentication from several protocols like
SMB/HTTP/IMAP/..
http://www.tarasco.org/security/smbrelay/index.html


Andrés Tarascó

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

NTLM Multiprotocol Replay attacks Andres Tarasco (Nov 14)
- Re: NTLM Multiprotocol Replay attacks Kurt Grutzmacher (Nov 15)
- Re: NTLM Multiprotocol Replay attacks yersinia (Nov 16)
  - Re: NTLM Multiprotocol Replay attacks Andres Tarasco (Nov 16)
- <Possible follow-ups>
- Re: NTLM Multiprotocol Replay attacks adrian . lamo (Nov 16)
  - Re: NTLM Multiprotocol Replay attacks n3td3v (Nov 17)
    - Re: NTLM Multiprotocol Replay attacks Valdis . Kletnieks (Nov 17)
- Re: NTLM Multiprotocol Replay attacks william () lefkovics net (Nov 17)
  - Re: NTLM Multiprotocol Replay attacks Trollie Fingers (Nov 17)
    - Re: NTLM Multiprotocol Replay attacks William Lefkovics (Nov 17)
    - Re: NTLM Multiprotocol Replay attacks Valdis . Kletnieks (Nov 17)
    - Re: NTLM Multiprotocol Replay attacks Valdis . Kletnieks (Nov 17)
    - Re: NTLM Multiprotocol Replay attacks Trollie Fingers (Nov 17)

(Thread continues...)