!!! Overview
[{$pagename}] ia typically an [Attack] that allows an [attacker] to [authenticate] to a remote [Service Provider] by using the underlying [NTLM] or [NT LAN Manager] [hash] of a user's [password], instead of requiring the associated [plaintext] [password] as is normally the case.

After an [attacker] obtains valid user name and user [password] [hash] values (somehow, using different methods and tools), they are then able to use that information to [authenticate] to a remote [Service Provider] using [NT LAN Manager] or [NTLM] [authentication] without the need to [brute-Force] the [hash]es to obtain the [plaintext] [password] (as it was required before this technique was published).

[{$pagename}] [attack] [exploits] an implementation weakness in the [authentication] [protocol], where [password] [hash] remain static from session to session until the [password] is next changed.

This technique can be performed against any server or service accepting LM or [NTLM] [authentication], whether it runs on a machine with [Microsoft Windows], [UNIX]/[Linux], or any other [Operating System].


!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]