Leveraging web application vulnerabilities to steal NTLM hashes

Leveraging web application vulnerabilities to steal NTLM hashes

Introduction NTLM authentication is the de-facto standard in corporate networks running Windows. There are a plethora of well-understood local attacks that take advantage of the way Windows perform automatic NTLM authentication, and abusing this feature is undoubtedly on the playbook of every penetration tester and red teamer. Here at Blaze Information Security, we recently spent […]