You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"In the HTTP-GET module, NTLM encoding in Hydra ignores the entered usernames, passwords, and domain. It always encodes the same Net-NTLM string. I redirected Hydra through Burp Suite and captured the GET requests. The NTLM string did not change. Basic encoding worked fine. I tested versions 9.1 and 9.5 on both Windows and Kali Linux."
"In the HTTP-GET module, NTLM encoding in Hydra ignores the entered usernames, passwords, and domain. It always encodes the same Net-NTLM string. I redirected Hydra through Burp Suite and captured the GET requests. The NTLM string did not change. Basic encoding worked fine. I tested versions 9.1 and 9.5 on both Windows and Kali Linux."
hydra -I -l admin -p password -V servername http-get '/:A=NTLM:F=401'
hydra -I -l admin -p password1 -V servername http-get '/:A=NTLM:F=401'
proxy intercept always:
GET / HTTP/1.1
Host: servername.com
Authorization: NTLM TlRMTVNTUAABAAAAB7IAAAAAAAAAAAAAAAAAAAAAAAA=
User-Agent: Mozilla/4.0 (Hydra)
Connection: keep-alive
I'm not sure if the switch -m domain should work, but it would be good if it performed the prefix DOMAIN.
The text was updated successfully, but these errors were encountered: