| ▲ | coopreme 5 hours ago | |||||||
NTLM is often used for more of the underlying technologies, some more secure than others… nthash, net-ntlmv1, net-ntlmv2. There’s a little more complexity here and this is different than the stuff that was out 15 years ago | ||||||||
| ▲ | bri3d 2 hours ago | parent | next [-] | |||||||
> this is different than the stuff that was out 15 years ago This stuff was out at least 10-15 years ago. It’s different from the ancient local ntlm hash cracking everyone used to get admin in high school, yes, but it’s not a novel technique. on cursory google, https://github.com/NotMedic/NetNTLMtoSilverTicket/blob/maste... is 6 years old and was old news when it was committed, and https://crack.sh/netntlm/ has been around online for at least 10 and I think more like 15+ years. | ||||||||
| ▲ | patmorgan23 2 hours ago | parent | prev [-] | |||||||
Microsoft has deprecated NTLM and is actively ripping it out of windows. https://support.microsoft.com/en-us/topic/upcoming-changes-t... Windows 11 is probably the last version that will contain NTLM (and hopefully NTLMv2). Going forward everything will be Kerberos or Oauth based. | ||||||||
| ||||||||