Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

NTLM Relay Is Dead, Long Live NTLM Relay

Hack In The Box Security Conference via YouTube

Overview

Explore the intricacies of NTLM Relay attacks in this 48-minute conference talk from the Hack In The Box Security Conference. Delve into the fundamentals of NTLM, including its message structure and protocols. Examine various attack techniques such as SMB Reflect Attack and Hot Potato. Investigate how NTLM Relay affects modern browsers, focusing on NTLMSSP over HTTP and Intranet Zone settings. Analyze the implementation differences between Windows 7 and Windows 10, and discover new attack surfaces in Chrome. Learn about the resurgence of SMB Reflection Attacks and understand Java's role in NTLM authentication. Gain insights into real-world cases and effective defense strategies against NTLM Relay attacks.

Syllabus

Intro
Speaker Bio
Abstract
What is NTLM
message (negotiation)
message (challenge)
message (authentication)
Protocols using NTLMSSP
Windows Name Resolution
SMB Reflect Attack
Hot Potato (win7)
Relay to another machine
Relay credentials to Microsoft Exchange Server
Modern Browsers
NTLMSSP over http
Intranet Zone
Internet Explorer API
What is Policy and Zone ?
Feature on WIN7 and WIN10 • write a simple program for testing
Implementation in the browser
Another attack surface in Chrome
SMB Reflection Attack Rebirth
When can Java send HTTP request?
Why Java can automatically NTLM authentication?
How to reflect the credentials to SMB?
A real-world case
How to defend against NTLM Relay?
Acknowledgement

Taught by

Hack In The Box Security Conference

Reviews

Start your review of NTLM Relay Is Dead, Long Live NTLM Relay

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.