Regarding AUTH_CRAP and NTLMv2
Narendra Kumar S.S
ssnkumar at gmail.com
Mon Jan 17 05:38:17 MST 2011
Hello Volker and Andrew,
Thanks for the detailed clarifications.
That really helps.
Warm Regards,
Narendra
Visit my blogs at:
http://ssnarendrakumar.blogspot.com/
___ ___ __ _
/ __/ / __/ / | / /
_\ \ _ \ \ / /| |/ /
\___/ \___/ /_/ |__/
On Mon, Jan 17, 2011 at 5:42 PM, Volker Lendecke
<Volker.Lendecke at sernet.de>wrote:
> On Mon, Jan 17, 2011 at 05:20:28PM +0530, Narendra Kumar S.S wrote:
> > I didn't tell you what I am trying to achieve out of this.
> > I am trying to write a simple application, which can sign a given SMB
> > packet.
> > I use tcpdump/wireshark to capture all the network traffic and take out
> the
> > smb packet for which I need to check the signature.
> > Since I have the complete trace, I know the sequence number of the
> packet.
> > The only thing that I don't know is the session key.
> > For NTLMv1, I am able to calculate the session key using AUTH_CRAP
> message
> > to winbind.
> > But, for NTLMv2, this is not working.
>
> And this is by design. What you want to achieve is
> cryptographically not possible. No chance. There is just not
> enough information in the wire traffic to do what you want.
> This is one important reason that NTLMv2 is regarded more
> secure than older authentication protocols: These MITM
> attacks have been made impossible.
>
> With best regards,
>
> Volker
>
> --
> SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
> phone: +49-551-370000-0, fax: +49-551-370000-9
> AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
>
More information about the samba-technical
mailing list