Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

it's my understanding that NTLM hashes are sent over the wire...? therefore any machine on the local network could intercept this hash via network-level attacks such as ARP poisoning, WiFi attacks, etc. Then the cracking box would quite happily and easily brute force the entire 8 char keyspace and reveal the pass.

it's a different threat model to hash+email retrieval via sql injection which can lead to all sorts of nastiness involving hijacking email and then other accts



If they are sent over the wire I hope there is some additional encryption such as SSL involved in the transmission!

Otherwise regardless of hash crackability, one would be able to do authentication bypass by simply sniffing hashes and replaying them.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: