[cifs-protocol] [Pfif] explaination of format desired = 0x0 in drs_crackname operation
smfrench at gmail.com
Fri Aug 5 10:16:44 MDT 2011
I have not been able to determine from MS-CIFS and MS-SMB how the
client can determine whether the server supports "raw ntlmssp"
(ntlmssp, not encoded in spnego).
MS-CIFS section 22.214.171.124 does indicate some of the processing during
authentication, and does indicate differences between ntlm and ntlmv2,
but does not indicate when "raw ntlmssp" can be used. Similarly
section 126.96.36.199 of MS-SMB mentions authentication, and note 86
mentions spnego, but does not indicate how the client determines
whether it can or should send the ntlm/ntlmv2 hash encapsulated in
"raw ntlmssp" - especially for the case when extended security is not
More information about the cifs-protocol