Learn about critical NTLM authentication vulnerabilities and exploits in this DEF CON 32 conference talk that examines Microsoft's planned deprecation of NTLM in Windows 11. Explore newly disclosed bugs reported to Microsoft, including a bypass for an existing CVE fix, while diving deep into novel attack techniques and unexpected discoveries from combining multiple bug classes. Gain insights into problematic default configurations in libraries and applications, along with significant gaps in Microsoft's NTLM security controls. Master hash coercion methods before this authentication protocol potentially fades into obsolescence over the coming decades.
NTLM Authentication Vulnerabilities and Exploits - A Final Analysis
Overview
Syllabus
DEF CON 32 - NTLM The Last Ride - Jim Rush, Tomais Williamson
Taught by
DEFCONConference
