VULHUB ™

Modifying Windows NT Logon Credentials - A common attack against Windows NT consists in obtaining usernames and LM/NT password hashes using tools such as L0phtCrack, or tcpdump-smb. These are then used to gain unauthorized access to file and printer shares on the attacked server. To be able to use this username/hashes pairs instead of the commonly used username/password pairs, the attacker must use some kind of modified SMB client. SAMBA, a Unix implementation of the SMB/CIFS protocol, is normally used by attackers due to the availability of its source code, what makes its modification to conform to their needs extremely simple.

Modifying Windows NT Logon Credentials - A common attack against Windows NT consists in obtaining usernames and LM/NT password hashes using tools such as L0phtCrack, or tcpdump-smb. These are then used to gain unauthorized access to file and printer shares on the attacked server. To be able to use this username/hashes pairs instead of the commonly used username/password pairs, the attacker must use some kind of modified SMB client. SAMBA, a Unix implementation of the SMB/CIFS protocol, is normally used by attackers due to the availability of its source code, what makes its modification to conform to their needs extremely simple.