Feature #357
NTLM auth for MSSQL modules
| Status: | Rejected | Start date: | 10/13/2009 |
|---|---|---|---|
| Priority: | Normal | Due date: | |
| Assignee: | HD Moore | % Done: | 0% |
| Category: | general | | |
| Target version: | - | | |
| Resolution: | duplicate | How To Use: | |
| Release Note: | | | |
Description
Suggested by Jay, additional info below from Kurt Grutzmacher:
In theory it shouldn't be that difficult since the framework already has LMv1/NTLMv1 libraries built in. It would be a matter of creating a mssql_ntlm_login() function to do valid LM/NTLM requests. As it is right now, the mssql_login() function uses a hard-coded SQL authorization network packet.
JTDS may help with this endeavor since they've already reversed the authentication protocol:
http://jtds.cvs.sourceforge.net/viewvc/jtds/jtds/src/java/net/sourceforge/jtds/jdbc/
You'd need to be cognizant of the protocol requirements for all phases of NTLM auth. An existing authentication pcap would also help development further. I don't have such an environment easily accessible at the moment but it would be a nice feature to add to MSF.
History
#1 Updated by James Lee about 2 years ago
- Target version changed from Metasploit 3.4.0 to Metasploit 3.4.1
#2 Updated by James Lee almost 2 years ago
- Target version changed from Metasploit 3.4.1 to Metasploit 3.5.0
#3 Updated by HD Moore over 1 year ago
- Status changed from New to Rejected
- Target version deleted (Metasploit 3.5.0)
- Resolution set to duplicate
Duplicate of #402