UsefulLinks
Computer Science
Cybersecurity
Kerberos and NTLM Security Vulnerabilities
1. Foundations of Windows Authentication
2. NTLM Protocol Architecture
3. NTLM Security Vulnerabilities
4. Kerberos Protocol Fundamentals
5. Kerberos Security Vulnerabilities
6. Attack Methodology and Lateral Movement
7. Detection and Monitoring
8. Mitigation and Hardening Strategies
2.
NTLM Protocol Architecture
2.1.
NTLM Evolution and Versions
2.1.1.
LAN Manager (LM) Protocol
2.1.2.
NTLM Version 1 (NTLMv1)
2.1.3.
NTLM Version 2 (NTLMv2)
2.1.4.
Extended Session Security
2.1.5.
Current Status and Deprecation
2.2.
NTLM Authentication Process
2.2.1.
Type 1 Message (Negotiate)
2.2.2.
Type 2 Message (Challenge)
2.2.3.
Type 3 Message (Authentication)
2.2.4.
Challenge-Response Mechanism
2.2.5.
Session Key Establishment
2.3.
NTLM Hash Types
2.3.1.
LM Hash
2.3.1.1.
DES-based Algorithm
2.3.1.2.
Case Insensitivity Weakness
2.3.1.3.
14-Character Limitation
2.3.1.4.
Storage Format
2.3.2.
NT Hash
2.3.2.1.
MD4-based Algorithm
2.3.2.2.
Unicode Support
2.3.2.3.
Storage Format
2.3.2.4.
Salting Absence
2.4.
NTLM in Network Protocols
2.4.1.
SMB/CIFS Authentication
2.4.2.
HTTP NTLM Authentication
2.4.3.
LDAP NTLM Authentication
2.4.4.
RPC Authentication
2.5.
NTLM Storage Mechanisms
2.5.1.
SAM Database Storage
2.5.2.
LSASS Memory Storage
2.5.3.
Cached Credentials
2.5.4.
Registry Storage Locations
Previous
1. Foundations of Windows Authentication
Go to top
Next
3. NTLM Security Vulnerabilities