The Security Accounts Manager (SAM) can store password hashes as LANMAN and/or NTLM. LANMAN makes brute-force attacks on passwords easy if the SAM is retrieved.
The registry setting to look for is under "HKLM\System\CurrentControlSet\Control\LSA": the value "LMCompatibilityLevel", which has an acceptable range of 0-5. 0 is usually the default, which means all hashing is acceptable. You should really set it to 4 or 5. Microsoft discusses this on their support site.
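One way to check this setting on a host, as an added PowerShell example that is not from the original post. The function name Get-LmCompatibilityReport is hypothetical, and the level descriptions are the documented meanings of the 0-5 range.

```powershell
# Added example: audit LMCompatibilityLevel on the local machine.
# Registry value names are case-insensitive; Microsoft writes it "LmCompatibilityLevel".
$LsaPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

# Index = level, text = documented meaning of that level.
$LevelMeaning = @(
    'Send LM & NTLM responses',
    'Send LM & NTLM; use NTLMv2 session security if negotiated',
    'Send NTLM response only',
    'Send NTLMv2 response only',
    'Send NTLMv2 response only; refuse LM',
    'Send NTLMv2 response only; refuse LM & NTLM'
)

function Get-LmCompatibilityReport {
    param([int]$Minimum = 4)   # the post recommends 4 or 5

    $prop = Get-ItemProperty -Path $LsaPath -Name 'LmCompatibilityLevel' `
                             -ErrorAction SilentlyContinue
    if ($null -eq $prop) {
        # Value absent: the OS default applies, so it is not explicitly hardened.
        return [pscustomobject]@{
            Level     = $null
            Meaning   = 'Value not set; the OS default applies'
            Compliant = $false
        }
    }

    $level   = [int]$prop.LmCompatibilityLevel
    $inRange = ($level -ge 0 -and $level -le 5)
    $meaning = if ($inRange) { $LevelMeaning[$level] } else { 'Out of range (expected 0-5)' }

    [pscustomobject]@{
        Level     = $level
        Meaning   = $meaning
        Compliant = ($inRange -and $level -ge $Minimum)
    }
}

$report = Get-LmCompatibilityReport
$report | Format-List

if (-not $report.Compliant) {
    Write-Warning 'LmCompatibilityLevel is not set to 4 or 5. To set it (elevated prompt):'
    Write-Warning "Set-ItemProperty -Path '$LsaPath' -Name LmCompatibilityLevel -Value 5 -Type DWord"
}
```

Test a raised level against older clients and servers before rolling it out, since levels 4 and 5 refuse the weaker protocols outright.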
More useful links include: arp-scan, an introduction to steganography, XSS in the Cisco Ironport and how to look up reverse zones for IP addresses in DNS.
The well-known SMB vulnerability MS09-001 does have PoC exploits, but they only crash the affected system, as best demonstrated by 4xunderground.