The NTLM protocol uses one or both of two hashed password values, both of which are also stored on the server (or domain controller), and which, through a lack of salting, are password equivalent, meaning that if you grab the hash value from the server, you can authenticate without knowing the actual password. The two are the LM hash (a DES-based function applied to the first 14 characters of the password converted to the traditional 8-bit PC charset for the language) and the NT hash (MD4 of the little-endian UTF-16 Unicode password). Next, the server responds with CHALLENGE_MESSAGE, which is used to establish the identity of the client. Finally, the client responds to the challenge with an AUTHENTICATE_MESSAGE.