[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20081117030900.036A315803E@smtp.hushmail.com>
Date: Sun, 16 Nov 2008 22:08:59 -0500
From: adrian.lamo@...hmail.com
To: yersinia.spiros@...il.com, atarasco@...il.com
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: NTLM Multiprotocol Replay attacks
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear Andrea Tabasco,
To be fair, the only great thing about the cdc is the appetites of
the members, and the only great tools from the group would be the
members themselves. Thank you for misunderstanding the word
"great".
best regards,
- -al
ps: yes my name is Adrian Lamo, but not the famous one profiled in
the upcoming kevin spacey documentary, which will undoubtedly be
the greatest tool ever!
On Sun, 16 Nov 2008 08:31:21 -0500 Andres Tarasco
<atarasco@...il.com> wrote:
>Its a completely new tool as it does not share code with the old
>smbrelay
>however, as the main goal is to replay NTLM authentication
>challenges, i
>decided to name it "smbrelay", like the great cdc tool.
>smbrelay3 have been tested against windows 2000/xp/2003 and works
>fine.
>
>Andres
>
>2008/11/16 yersinia <yersinia.spiros@...il.com>
>
>> smbrelay in origin was, some years ago, created by CDC. M$ smb
>signing do
>> it historic. This tool is an evolution of this ?
>>
>> Regards
>>
>> On Fri, Nov 14, 2008 at 9:37 PM, Andres Tarasco
><atarasco@...il.com>wrote:
>>
>>> I have published a new proof of concept tool, named
>"Smbrelay3", that is
>>> able to replay NTLM authentication from several protocols like
>>> SMB/HTTP/IMAP/..
>>> http://www.tarasco.org/security/smbrelay/index.html
>>>
>>>
>>> Andrés Tarascó
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>
>
>--
>Andres Tarasco
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0
wpwEAQMCAAYFAkkg4EsACgkQ8J2EGU1ixm5dLQP/Z20Hjh+alyStBf7M9ak5VKdv/nwC
B0Q9xk33YSC62WZI/s3VWp8T3/Va2tPT0u6ENWWD2ghP0tqUksSNimUZZbn2Eo15N7Do
6uNJkZOgJYY5Dgc1CtfgycIQv6InTYOMq0ivUNV06DxPOLXrjDWEtXDbYWDN2w6R/zK2
H5Gxa20=
=rrXR
-----END PGP SIGNATURE-----
--
Love Graphic Design? Find a school near you. Click Now.
http://tagline.hushmail.com/fc/PnY6qxunKhThzwKUjVxfpkAYNnMCthxRQNxWRpZaB3lBQC3phlmoI/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists