NTLM authentication: the Windows authentication procedure

Authentication is an unavoidable step for every user, computer and service account in Windows, yet the mechanism is not fully understood even by system administrators. Everyone knows that you must enter the correct password to log on to a computer, but how many know what happens next? Windows authentication and its associated protocols are invoked every time a user, computer or service logs on, either locally or against a domain controller (DC). This article outlines the basic principles of Windows authentication and then the protocols involved. It closes with brief recommendations on how to strengthen the authentication procedure in Windows.

Authentication: general principles

Authentication is one component of a computer access control system. As Figure 1 shows, an access control system provides identification, authentication, authorization and accounting.

Identification. In identification, the system gathers data that uniquely identifies a security principal (for example a user, group, computer or service account) within a particular directory service. A directory service such as Active Directory (AD) lets objects be uniquely identified, much as DNS ensures that no two people share the same e-mail address. Internally, Windows relies on SIDs, globally unique identifiers (GUIDs) and other unique tags. For most purposes, identification requires only a unique account name, for example Rgrimes. Large AD forests may require the full user principal name (UPN), for example [email protected]. With smart cards, the security principal can present its digital certificate or key instead.

Authentication. After the security principal has typed or otherwise supplied the identification data (for example a user name or a security token), it must also supply the private information that proves the identity (a password, or a PIN for a smart card). In Windows the principal enters this information on the logon screen, which is handled by the Microsoft Graphical Identification and Authentication DLL (msgina.dll) and Winlogon.exe (in Windows Vista and later, GINA was replaced by credential providers, but the flow is the same). The authentication protocol is the mechanism that encodes the information supplied at the desktop and transmits the authentication request. The Windows authentication database is either the SAM or AD. The SAM database serves local logons and logons to Windows NT 4.0 domain controllers; AD handles authentication in Windows 2000 and later domains. One of the authentication protocols (LAN Manager, NT LAN Manager (NTLM), NTLMv2 or Kerberos) is negotiated to carry the authentication exchange and the subsequent transactions between the logon screen and the authentication service. Each protocol is examined more closely below.

Authorization. Once the authentication service has verified the combination of identifier and secret, the security principal is considered authenticated. The system then collects the principal's (that is, the user's) group memberships. A user commonly belongs to several kinds of groups (local, domain local, global and universal), each with its own membership rules. The system checks local groups against the local SAM database, domain local and global groups against DCs in the host's domain, and universal groups against a DC that holds the Global Catalog. In effect, the system gathers all group membership information in order to work out the security permissions.

Once authenticated, the system places the account's SID and the list of group memberships in an object called an access token. The token is built at logon, so a user who has been added to a new group must log off and log on again before the new permissions take effect. When the user tries to reach an object protected by an ACL (a file, folder, printer or registry key), the process acting on the user's behalf (for example Windows Explorer) presents its access token. Each NTFS object can carry its own list of access control entries (ACEs), which define the permissions (for example Allow Read, Allow Write). The set of ACEs assigned to users and groups makes up the object's access control list (ACL). The ACL, presented as security permissions, can be viewed in Windows Explorer.

The access token, which holds the SIDs of the account and of the groups the user belongs to, determines the user's effective permissions. The authorization process grants or denies access to the requested object by matching the access token against the object's ACL. Authorization is enforced by the Windows Security Reference Monitor (Figure 1). The example in Figure 2 has separate Read, Write and Modify permissions. The Everyone group, of which the user is a member, is not granted Modify. Other groups the user belongs to grant Read and Write; note that an explicit Deny entry (for example Deny Modify on Everyone) would override an Allow Modify granted to another of the user's groups. The object also has an ACE granting Full Control to the HR group, but the user is not a member of it. So the user's effective permissions on the object in Figure 2 are Read and Write.

Accounting. If Windows auditing is enabled, the system records the authentication events in the Security log; this is the last component of the access control system. The fairly involved sequence of initial logon and subsequent authorization completes in seconds and is invisible to the user. All of it rests on the authentication protocol.

Protocol mechanics

An authentication protocol has two jobs. First, it must carry transactions safely to the authentication database and to any other computer that hosts a requested resource. Second, it must store the password or token safely; this is what interests password crackers most. In transit to the authentication database (SAM or AD), the protocol must shield the credentials, which it does by signing and encrypting the transaction and by adding a timestamp so that an intercepted exchange cannot be replayed later. To keep a user's password from being lifted out of the database, the protocol must also store passwords in the authentication database in a protected form.

For more than ten years, authentication protocols have met these requirements mainly by storing the password in a transformed form (usually a hash) in the authentication database and by using a challenge/response exchange, instead of sending the password, between the client and that database. The challenge/response process looks like this:

  1. The computer collects the identification and authentication data and sends an authentication request to a particular server.
  2. The authentication server generates a random value (the challenge) and sends it to the requester.
  3. The requester performs mathematical operations on the challenge using the transformed password and sends the result (the response) to the authentication server.
  4. The authentication server performs the same computation with its stored copy of the transformed password and compares its result with the response. If the two match, the requester is considered authenticated.

Thanks to this design, the password itself is never transmitted over the network. Note, however, that the stored hash then becomes the effective secret: whoever obtains it can compute valid responses without knowing the password, so the hash database deserves the same protection as the passwords themselves.

Local and domain logon

One of the first things Windows does at logon is determine whether the logon is to the local machine or to a domain account. Users who log on with a local account have access only to that computer's resources, and their account information is held in the local SAM database. If such users need to reach resources on another computer without domain authentication, their account must be duplicated in the local SAM of every computer they access. The accounts on all participating computers must then be kept synchronized (the same logon names, passwords and expiry dates on every machine); otherwise the situation gets complicated quickly. This is how peer-to-peer (P2P) workgroup networks operate, using only local logons.

Domain controllers remove the need to synchronize accounts across computers. When a domain-joined computer starts a domain logon, it presents the user's domain credentials to a DC for authentication. When the user then tries to access a resource on another domain member, that computer asks a DC to verify the identity of the requesting user. Domain accounts are stored only on DCs and are created only once. A domain member that needs to verify an account simply contacts a DC. There are no synchronization problems with logon names, passwords or expiry dates, because account data and account management live in one place, on the DCs. Regardless of the logon type (local or domain), Windows must authenticate the password.

Windows authentication protocols

As mentioned, Windows has four main authentication protocols: LAN Manager, NTLM, NTLMv2 and Kerberos. LAN Manager dates from the DOS era and carried over into the first versions of Windows. NTLM was released with NT. NT Server 4.0 Service Pack 4 (SP4) introduced NTLMv2, and Windows 2000 brought Kerberos. By default, computers running Windows 2000 and later support all of these protocols. Depending on the settings applied to a system, workstations and servers negotiate which protocol handles a given authentication request. Windows 9x and later, with the appropriate patches, support LM, NTLM and NTLMv2. Microsoft's Kerberos can be used only by Windows 2000 (or later) clients authenticating to Windows 2000 (or later) domains. A Windows 2000 or later computer must therefore support Kerberos as well as one of the older protocols.

Security research has shown that the older protocols (LM and NTLM) are vulnerable to various eavesdropping and password-guessing attacks.

LAN Manager

The LAN Manager protocol was developed by IBM; Microsoft used it in early versions of Windows and Windows for Workgroups. Like the other Microsoft authentication protocols, LAN Manager produces a hash of the password (the LM hash) that is stored in the authentication database and used in the authentication process. To form the LM hash, LAN Manager converts all letters of the password to upper case, pads it with nulls to 14 bytes, splits it into two 7-character halves and uses each half as a DES key to encrypt a fixed constant. The LM hash is then used in a challenge/response sequence like the one described above.

If LAN Manager was once acceptable, today it is positively undesirable. With specialised tools, passwords hashed by the LAN Manager method are recovered as plain text in seconds. The LM hash has grave weaknesses, among them:

  • passwords are limited to the 128-character ASCII set;
  • password length is limited to 14 characters;
  • if the password is shorter than 14 characters, the missing characters are null-padded before hashing, so the hash reveals the password length (a password of 7 characters or fewer always yields the same fixed value for the second half);
  • before hashing, LAN Manager converts all letters of the password to upper case.

Why is LAN Manager still in use? Because it is enabled by default on every Windows version up to and including Windows Server 2003 (Windows Vista and Server 2008 stop storing the LM hash by default). Windows authentication databases keep the weak LM hash next to the stronger hashes just in case a LAN Manager transaction turns up. If the enterprise runs no applications that require LAN Manager authentication, you can (and should) disable LAN Manager.
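As an added example (not from the article), here is the kind of audit script a practitioner runs over a pwdump-style hash dump (user:rid:LM hash:NT hash:::, the format produced by pwdump and by Impacket's secretsdump) to see which accounts still expose an LM hash and which of those have passwords of seven characters or fewer. The sample lines are constructed; the only real values are the two empty-password constants named in the docstring. The script is Python and uses the standard library only.

```python
"""Audit a pwdump/secretsdump-style hash list (user:rid:lmhash:nthash:::) for LM
exposure.  Added example, not from the article; the sample lines are constructed.
Only the two empty-password constants are real: aad3b435b51404eeaad3b435b51404ee is
the LM hash of the empty (or absent) password, 31d6cfe0d16ae931b73c59d7e0c089c0 the
NT hash of the empty password."""

EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_LM_HALF = EMPTY_LM[:16]   # DES of the LM constant under a key of seven null bytes
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Constructed sample dump (hash values other than the empty-password constants are made up).
SAMPLE_DUMP = """\
Administrator:500:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::
svc_backup:1105:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
jsmith:1108:5b8f6c1d3a2e9f00aad3b435b51404ee:2f9d1e4a7b6c8d0e1f2a3b4c5d6e7f80:::
mjones:1112:aad3b435b51404eeaad3b435b51404ee:0a1b2c3d4e5f60718293a4b5c6d7e8f9:::
Guest:501:AAD3B435B51404EEAAD3B435B51404EE:31D6CFE0D16AE931B73C59D7E0C089C0:::
"""


def classify(lm: str, nt: str) -> str:
    """Label one account by what its LM/NT hash pair gives away."""
    lm, nt = lm.lower(), nt.lower()
    if lm == EMPTY_LM and nt == EMPTY_NT:
        return "blank password"
    if lm == EMPTY_LM:
        return "no LM hash (NoLMHash in effect or password longer than 14 chars)"
    if lm[16:] == EMPTY_LM_HALF:
        # second half is the null-key constant: the upper-cased password fits in 7 bytes
        return "LM hash present, password is 7 characters or shorter"
    return "LM hash present, password 8-14 characters (two independent 7-char halves)"


def audit_lm(dump: str) -> list:
    """Parse pwdump lines and return (user, rid, finding) for every account."""
    findings = []
    for line in dump.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) < 4:
            continue                      # not a pwdump line
        user, rid, lm, nt = parts[0], parts[1], parts[2], parts[3]
        findings.append((user, rid, classify(lm, nt)))
    return findings


def lm_exposed(dump: str) -> list:
    """Accounts whose LM hash is stored: crackable in minutes whatever the NT hash strength."""
    return [user for user, _, finding in audit_lm(dump) if finding.startswith("LM hash present")]


if __name__ == "__main__":
    for user, rid, finding in audit_lm(SAMPLE_DUMP):
        print(f"{user:<15} rid={rid:<5} {finding}")
```

Run it against a real dump and every account in lm_exposed() is a candidate for a forced password change after NoLMHash is enabled, since the LM hash is only dropped when the password is next set. Domain-prefixed user names (DOMAIN\user) and password-history entries from secretsdump land in the same fields and are handled unchanged.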

NTLM

With NT, Microsoft designed and introduced the stronger NTLM authentication protocol. NTLM uses a better hashing algorithm that produces a stronger password hash (the NTLM hash, also called the NT hash). An NTLM password can be up to 128 characters long. Unlike the LAN Manager hash, which is limited to ASCII characters, NTLM supports the full Unicode character set, which raises the attainable password complexity. To produce the NTLM hash, the password (up to 128 characters) is converted to 16-bit Unicode (UTF-16LE), hashed with MD4 and stored as a 32-character hexadecimal string. Using the NTLM hash in the NTLM challenge/response sequence is considerably more secure than the LAN Manager procedure, although the NT hash is unsalted, so identical passwords produce identical hashes and precomputed tables still apply.

NTLMv2

Later, weaknesses were found in NTLM as well, and Microsoft produced NTLMv2 as an interim fix while the much stronger protocol, Kerberos, was being readied. NTLMv2 is still widely used for local logons and in several other situations. NTLMv2 resembles NTLM, but the NTLMv2 response is computed with HMAC-MD5, and the challenge/response sequence includes a timestamp (and a client-chosen challenge) to defeat replay attacks in which the attacker records the credentials exchange and plays it back later.

Overall, NTLMv2 is far more resistant to brute-force attacks than NTLM, and the protocol uses a 128-bit key for session security. When this was written only a couple of password-cracking programs (one of them Symantec's LC5) could attack NTLMv2 password hashes. That count is long out of date: current crackers such as hashcat and John the Ripper attack captured NTLMv2 responses routinely, so NTLMv2 should be treated as a mitigation, not as a substitute for strong passwords and Kerberos.

Kerberos

Microsoft adopted Kerberos as the domain authentication protocol for Windows 2000 domains and, with it, for AD. Kerberos is an open standard that interoperates with third-party domains (called realms in UNIX and Linux). Every DC in an AD domain acts as a Key Distribution Center (KDC) and can take part in the authentication procedure. Security benefits from the following characteristics of Kerberos:

  • mutual authentication between client and server;
  • strong password protection: the key derived from the password is used only at initial logon, not at every authentication, and all sessions are encrypted;
  • the timestamped challenge/response sequence prevents an attacker from replaying a captured exchange later;
  • a server process can access a remote resource on the user's behalf (delegation);
  • interoperability.

Briefly, Kerberos works as follows:

  1. After successful initial authentication, the computer requests a security ticket from the Kerberos server (the DC) for use in later authentication requests.
  2. The Kerberos server issues a ticket (the ticket-granting ticket) that lets the client take part in future authentication and authorization events without resending the original credentials.
  3. When access to a resource on a member server is needed, the client obtains a smaller service ticket from the Kerberos server and presents it to that server for validation.
  4. No credentials cross the network in subsequent authentication sessions until the ticket issued in step 2 expires.

Although the Kerberos model may bring a public key infrastructure (PKI) to mind, all of its data is protected with symmetric keys rather than the asymmetric keys of a PKI (the PKINIT extension, used for smart card logon, is the one place where certificates enter the initial exchange).

Smart cards

Passwords and other single-factor authentication methods are losing their effectiveness. Electronic commerce pervades everyday life, and with it grow the techniques for stealing identities (phishing, spoofed URLs) and for stealing passwords. Two-factor authentication (smart cards, USB tokens and other cryptographic devices) will no doubt soon become mandatory for Internet transactions. Microsoft has built support for digital certificates and smart cards into Windows. To use smart cards, you need to install Certificate Services and issue smart card certificates. You obviously also need the physical smart cards, the readers and the vendor's software. After that, users can insert a smart card into a local reader to log on to a Windows computer. Properly deployed, smart cards raise the assurance of authentication considerably.

Protecting the authentication protocols

Some articles suggest that the Microsoft authentication mechanism is, as ever, trivially broken. In fact, of some 20 password-cracking tools, only two handle NTLMv2 and only one handles Kerberos. With a few simple measures you can reduce this threat further. To frustrate password guessing and cracking, apply the following settings (most can be configured locally or through Group Policy):

  • Stop storing LM hashes, as described in the Microsoft article "How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases" (http://support.microsoft.com/default.aspx?scid=kb;en-us;299656). This makes it considerably harder for crackers to recover the password.
  • Disable all authentication protocols other than NTLMv2 and Kerberos (after initial testing). The procedure is described in the Microsoft TechNet article "Network security: LAN Manager authentication level" ().
  • Guard against booting from removable media, so that password-cracking tools cannot be run while bypassing the operating system. Forbidding boot from any disk other than the default one keeps offline cracking tools away from the authentication database where the password hashes are kept (full-disk encryption such as BitLocker closes the same gap more robustly).
  • Users must choose complex passwords of at least 8 characters; passwords of 15 characters or more also guarantee that no LM hash can be stored, since LM cannot represent them.
  • Users must change their passwords at least quarterly.
  • Enable account lockout, even with a one-minute automatic reset. This stops online password guessing across the network.

Users' responsibilities

Thanks to NTLMv2, Kerberos and smart cards, Windows can rely on authentication mechanisms that resist eavesdropping and brute-force attacks. But the best procedures and protocols do not help if users choose weak passwords. Users must be taught to choose passwords properly and to make sure they are complex and long enough.

Roger Grimes is a Windows IT Pro contributing editor and security consultant. He holds the CPA, CISSP, CEH, CHFI, TICSA, MCT, MCSE: Security and Security+ certifications.

Not long ago I ran into the following problem: Firefox, Chrome and Opera refused to pass NTLM authentication. The only one that got through was IE. I should add that the problem occurred on Windows 7. The workarounds are described below.

Opera: officially it does not support NTLM authentication, although there is an item in the settings that lets you enable or disable this option. So you need to add basic authentication in the proxy server settings. To get NTLM authentication working (and to be able to use the browser through the proxy at all), do the following:

1) type about:config in the browser
2) go to the Network section and uncheck the Enable NTLM option
3) restart the browser.

True, there is one nuance (call it an inconvenience): on the first start you will have to enter your login and password (with the domain, of course) and tick "Save". From then on, every time the browser starts the authentication dialog will pop up and you only need to press OK. Not elegant, but it works.

Note: on some operating systems NTLM authentication in Opera did work. It probably depends on the browser and OS versions.

Firefox, Chrome: they do support it, though a bit of tinkering is needed. I will describe a few options I found on the Internet; you may have to try them all until you find the one that works for you.

1) add to the registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa a DWORD parameter named LmCompatibilityLevel and set it to 1. Then reboot the computer (this is the option that worked for me).

2) to make Firefox pass NTLM authentication, enter about:config in the address bar and change the following parameters:

network.negotiate-auth.delegation-uris = http://,https://
network.negotiate-auth.trusted-uris = http://,https://

Then restart the browser.

3) Open the policy editor (gpedit.msc) and go to Computer Configuration -> Windows Configuration -> Security Settings -> Local Policies -> Security Settings -> Network security: LAN Manager authentication level (this is how the localized menus read), and set it to Send LM & NTLM - use NTLMv2 session security if negotiated.

After that, refresh the policy (or reboot).

If you have an English version, the path is: Local Computer Policy -> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Network security: LAN Manager authentication level, and choose Send LM & NTLM - use NTLMv2 session security if negotiated.

4) Another option is to handle it on the proxy side with squid_ldap:

# Base DN and bind DN must point at the same directory (the original mixed dc=uk,
# dc=en and dc=ru, which cannot work).  Basic auth sends the domain password to the
# proxy in the clear, so keep this on a trusted LAN, and bind with a dedicated
# read-only account rather than administrator; -W <file> keeps the bind password
# out of squid.conf.
auth_param basic program /usr/lib/squid3/squid_ldap_auth -b "cn=users,dc=office,dc=ru" -f "sAMAccountName=%s" -h 192.168.0.74 -D "cn=administrator,cn=users,dc=office,dc=ru" -w "secpass"
auth_param basic children 5
auth_param basic realm My inet Proxy
auth_param basic credentialsttl 60 minutes

# Group check: %v is the login name, %a the group name given on the acl line below.
external_acl_type nt_groups %LOGIN /usr/lib/squid3/squid_ldap_group -R -b "cn=users,dc=office,dc=ru" -f "(&(cn=%v)(memberOf=cn=%a,cn=users,dc=office,dc=ru))" -D "cn=administrator,cn=users,dc=office,dc=ru" -w "secpass" -h 192.168.0.74

acl all src 0.0.0.0/0.0.0.0
acl group_inet external nt_groups inet

http_access allow group_inet
http_reply_access allow all
icp_access allow all
http_access deny all

Whichever case applies to you, give it a try :)

02/11/2011 Jean De Clercq

Any Windows administrator has surely dealt more than once with the two main authentication protocols of Windows environments: Kerberos and NTLM. This article is about how Kerberos and NTLM are supported in Windows 7 and Windows Server 2008 R2. First, though, I want to go over the key differences between the protocols.

Microsoft first implemented the Kerberos protocol in Windows 2000. NTLM was introduced much earlier, in the Windows NT era. Kerberos is an authentication protocol built on the concept of a trusted third party (TTP), whereas NTLM is based on a challenge/response mechanism. The differences between the two protocols are laid out in the table.

In an NTLM authentication exchange, the server resource (for example a file server) generates a challenge and sends it to the client. The client builds an NTLM response that incorporates the user's password hash, and the server checks that the response is correct. If the client uses a local account, the server checks the response against the password hash stored in its local Security Account Manager (SAM) database. If the client uses a domain account, the server forwards the response to a domain controller for validation, because the domain controllers hold the copies of the password hashes in their Active Directory (AD) databases.

In Windows Kerberos, the trusted third party is a Windows 2000 or later domain controller that hosts the Kerberos Key Distribution Center (KDC) service. The KDC mediates the authentication procedure between client and server. The KDC service is installed automatically as part of AD and consists of two subsystems: the Authentication Service (AS) and the Ticket-Granting Service (TGS).

When a user logs on to a Windows domain with Kerberos, the Windows client first validates the user's credentials with the domain controller using a key derived from the password. At the same time, the client requests a ticket-granting ticket (TGT) from the Authentication Service. The TGT can be thought of as a temporary password (by default it is valid for 10 hours, the Maximum lifetime for user ticket policy setting) that replaces the user's password in subsequent authentication requests. Whenever the client needs to reach a server resource, it presents the TGT to the Ticket-Granting Service and receives a service ticket for that resource. Note that, unlike NTLM, Kerberos is not used for local authentication against the Windows Security Account Manager; its territory is domain authentication against a domain controller.

Kerberos is the default authentication protocol in Windows 2000 and later Microsoft operating systems. In those systems NTLM is retained as a fallback. If the default Kerberos protocol is not suitable for, or not supported by, one of the client or server components taking part in authentication, Windows falls back to NTLM.

Why Kerberos?

Kerberos is more secure than NTLM for several reasons. With Kerberos, the user's password hash is exposed far less often than with NTLM: the password-derived key is used only when a TGT is requested, in practice once a day. With NTLM, on the other hand, a response derived from the password hash crosses the network every time the client authenticates to a server with NTLM. That alone is a strong reason to prefer Kerberos over NTLM; there are readily available tools that watch network traffic for these exchanges, capture them and recover the users' passwords by brute force.

Another advantage of Kerberos is its use of timestamps to defend against replay attacks. That is why a time synchronization service is essential in a Kerberos-based Windows environment (the default tolerance is 5 minutes). In Windows 2000 and later, time synchronization works without further configuration. If the clocks of different computers drift apart, Kerberos authentication can generate extra traffic or, in the worst case, fail outright.

Kerberos also implements advanced authentication features such as mutual authentication and authentication delegation. Mutual authentication means that the user and the server each verify the other's identity, whereas NTLM only lets the server authenticate the user. Without mutual authentication, users may end up handing their credentials to a rogue server.

Delegation lets a service access remote resources on the user's behalf. In other words, the user allows an intermediary system to assert the user's identity to an application server, which can then make its authorization decisions on the basis of the user's identity rather than the intermediary's. Delegation is used by many applications, for example database access through a web front end. Note that unconstrained delegation lets the intermediary impersonate the user to any service; constrained delegation, which limits it to listed services, is the safer choice.
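To make the ticket flow concrete, both for the four-step summary in the first article and for the AS/TGS description and the mutual-authentication and replay points made here, the following Python script is an added example (not from either article) of a minimal Kerberos-style exchange with symmetric keys only: an AS exchange with encrypted-timestamp pre-authentication, a TGS exchange for a service ticket, and an AP exchange with a replay cache and mutual authentication. The authenticated "cipher" is an HMAC-SHA256 keystream plus tag, chosen so the script runs offline; it stands in for the RC4-HMAC or AES-CTS encryption types and is not a real Kerberos cipher. The realm, principal names and passwords are assumptions; the 10-hour ticket lifetime and 5-minute skew are the Windows default policy values.

```python
"""Toy Kerberos AS / TGS / AP exchange using only symmetric keys.  Added example,
not code from either article.  seal/unseal is an HMAC-SHA256 keystream plus tag
(demo stand-in for RC4-HMAC/AES-CTS); realm, principals and passwords are made up."""
import hashlib
import hmac
import json
import os
import struct

TICKET_LIFE = 10 * 3600   # Windows default "Maximum lifetime for user ticket": 10 hours
SKEW = 300                # Windows default clock tolerance: 5 minutes

def long_term_key(password: str, salt: str) -> bytes:
    """Password -> long-term key (stand-in for the Kerberos string-to-key function)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 4096, 32)

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    return b"".join(hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))[:n]

def seal(key: bytes, obj: dict) -> bytes:
    """Toy authenticated encryption of a dict (demo only, not a real cipher)."""
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def check_authenticator(session_key, authenticator, client, now, replay_cache):
    """Used by TGS and application server alike: fresh, not replayed, from the ticket's client."""
    auth = unseal(session_key, authenticator)
    if auth["client"] != client or abs(now - auth["ts"]) > SKEW:
        raise ValueError("stale or mismatched authenticator")
    if (client, auth["ts"]) in replay_cache:
        raise ValueError("replayed authenticator")
    replay_cache.add((client, auth["ts"]))
    return auth["ts"]

class KDC:
    """Trusted third party (the DC): holds every principal's long-term key."""
    def __init__(self, realm: str, passwords: dict):
        self.keys = {p: long_term_key(pw, realm + p) for p, pw in passwords.items()}
        self.keys["krbtgt"] = os.urandom(32)          # key that seals TGTs
        self.replay_cache = set()

    def as_exchange(self, client, preauth, now):
        """AS-REQ with encrypted-timestamp pre-authentication -> (TGT, reply sealed for client)."""
        ts = unseal(self.keys[client], preauth)["ts"]   # only a holder of the password key can make this
        if abs(now - ts) > SKEW:
            raise ValueError("pre-authentication failed")
        sk = os.urandom(32)
        tgt = seal(self.keys["krbtgt"], {"client": client, "key": sk.hex(), "expires": now + TICKET_LIFE})
        return tgt, seal(self.keys[client], {"key": sk.hex()})

    def tgs_exchange(self, tgt, authenticator, service, now):
        """TGS-REQ: TGT + authenticator -> (service ticket, reply sealed with the TGT session key)."""
        t = unseal(self.keys["krbtgt"], tgt)
        if now > t["expires"]:
            raise ValueError("TGT expired: run the AS exchange again")
        sk = bytes.fromhex(t["key"])
        check_authenticator(sk, authenticator, t["client"], now, self.replay_cache)
        ssk = os.urandom(32)
        ticket = seal(self.keys[service], {"client": t["client"], "key": ssk.hex(), "expires": now + TICKET_LIFE})
        return ticket, seal(sk, {"key": ssk.hex()})

class AppServer:
    def __init__(self, name: str, key: bytes):
        self.name, self.key, self.replay_cache = name, key, set()

    def ap_exchange(self, ticket, authenticator, now):
        """AP-REQ -> (AP-REP proving we hold the service key, authenticated client name)."""
        t = unseal(self.key, ticket)
        if now > t["expires"]:
            raise ValueError("service ticket expired")
        ssk = bytes.fromhex(t["key"])
        ts = check_authenticator(ssk, authenticator, t["client"], now, self.replay_cache)
        return seal(ssk, {"ts": ts}), t["client"]

class Client:
    def __init__(self, name: str, password: str, realm: str):
        self.name, self.pw_key = name, long_term_key(password, realm + name)

    def logon(self, kdc, now):
        tgt, rep = kdc.as_exchange(self.name, seal(self.pw_key, {"ts": now}), now)
        self.tgt, self.tgt_key = tgt, bytes.fromhex(unseal(self.pw_key, rep)["key"])
        self.pw_key = None      # password-derived key is not needed again until the TGT expires

    def access(self, kdc, server, now):
        authn = seal(self.tgt_key, {"client": self.name, "ts": now})
        ticket, rep = kdc.tgs_exchange(self.tgt, authn, server.name, now)
        ssk = bytes.fromhex(unseal(self.tgt_key, rep)["key"])
        ap_rep, who = server.ap_exchange(ticket, seal(ssk, {"client": self.name, "ts": now}), now)
        if unseal(ssk, ap_rep)["ts"] != now:     # mutual authentication: server proved it holds the service key
            raise ValueError("server failed mutual authentication")
        return who

if __name__ == "__main__":
    kdc = KDC("CORP", {"alice": "Winter2024!", "fileserver": "svc-secret"})
    fs = AppServer("fileserver", kdc.keys["fileserver"])
    alice = Client("alice", "Winter2024!", "CORP")
    alice.logon(kdc, 1_700_000_000)
    print("file server authenticated:", alice.access(kdc, fs, 1_700_000_060))
```

The points the code pins down: the password-derived key is used exactly once (the client discards it after logon), every ticket is sealed with a key its bearer does not know (the krbtgt key for the TGT, the service's key for the service ticket), the authenticator's timestamp and the replay cache are what make a captured AP-REQ useless, and the AP-REP is the server's proof that it holds the service key, which is the mutual authentication NTLM lacks.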

Finally, although Microsoft put considerable effort into modernizing NTLM and produced NTLMv2, supported from NT4 SP4 onward, the Microsoft Kerberos implementation uses more modern encryption algorithms. More on that in the section on Kerberos encryption types.

Exchange for NTLM protocol

Authentication privileges are not prompted by the Kerberos protocol. Note that AD Server 2008 Windows often uses the NTLM protocol, for example, if you are connecting to a pre-Windows 2000 Windows system, or if you are connecting to a publicly available resource using the additional net use command and an IP address (rather than a NetBIOS name). In addition, programs that do not have principal names (SPN) service principal names (SPNs) set to proper rank will still override the NTLM protocol.

To find out which protocol - NTLM or Kerberos - is present at the moment, you can visualize NTLM traffic for the help of the netmon utility or another network tracer; An alternative option is to convert the Kerberos ticket cache using the additional klist tool (which is included before the Windows 7 and Server 2008 delivery kits). In Windows 7 and Server 2008 systems, the Microsoft facsimiles have implemented new group policies, for the help of which you can inspect and block the NTLM protocol with your programs and programs. There are three such policies: one for incoming NTLM traffic (for blocking and blocking on the server side), another for outgoing NTLM traffic (for blocking and blocking on the client side), and the third for domain traffic (for blocking and blocking on the domain controller's side). The stench is located near the Security Options Group Policy Object (CPO) container, spend as much as you can, sequentially selecting the items Computer Configuration, Windows Settings, Security Settings, Local Policies (div. Screen 1). All stinks are based on the Network security: Restrict NTLM: element.

The skin of the policy setting may have parameters audit and block. When you enable the NTLM audit function, the program creates log entries with NTLM output logs and the numbers 8001, 8002, 8003, and 8004. The log entries are stored in the Operational container with access to Event Viewer (Local), Applications And Services Logs, Microsoft, Windows, NTLM . I recommend for starters to audit NTLM at the test environment and the details about those, so that all your programs are properly represented there. As soon as it is quite enough to block the victorious protocol, more for everything, such programs will not function. To prevent wasted data, next before the beginning of the NTLM audit test, install a solution for collecting audit data; You can get started with the Windows Event Collector, Event Subscriptions service or solutions from an independent supplier. In addition, I recommend us to start monitoring NTLM on servers. You can connect clients for detailed analysis, once it becomes clear that the server uses the NTLM protocol. Once you know how NTLM hack programs are, you can develop an NTLM blocking strategy. This strategy can include a blaming strategy for old add-ons, which can't be rewritten or re-implemented, and which must always force NTLM overwriting.

Unfortunately, NTLM cannot be blocked on older Windows systems. However, many systems do let you control the NTLM protocol version. You can, for example, disable the LM component of NTLM authentication (this component is weak by nature) or force the use of NTLMv2. To do so, configure the Network Security: LAN Manager Authentication Level GPO setting, located in the Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options GPO container (see Screen 2).

Set up Kerberos encryption

The cryptographic algorithms used by authentication protocols play an important role in the security of those protocols. As I already noted, in my opinion Kerberos scores higher here than NTLM. The RC4 encryption algorithm was the first one used in the Windows implementation of Kerberos, in Windows 2000, and it is still supported in Server 2008 and Windows 7 (more precisely, the RC4_HMAC_MD5 variant). In Server 2008, Windows Vista and later versions, Microsoft developers added encryption types based on the Advanced Encryption Standard (AES), and Windows 7 and Server 2008 R2 support the Kerberos AES encryption types AES128_HMAC_SHA1 and AES256_HMAC_SHA1. AES is a newer encryption algorithm than DES. Kerberos on domain controllers switches to the AES encryption standard when you raise the AD domain to the Windows 2008 Domain Functional Level (DFL).

In Windows 7 and Server 2008 R2, DES encryption for the Kerberos authentication protocol is disabled by default. This can cause compatibility problems when an old application is hard-coded to use DES encryption only, or when the Windows account under which a service runs (the service account) is configured for DES-only encryption. Such services or applications will not work correctly unless you can change them to support another encryption type (RC4 or AES) or to stop requiring DES.

To find out whether you have applications or services that are hard-coded for DES-only encryption, you can run a network tracer while the suspect application or service starts and inspect the Etype fields in the Kerberos authentication headers. To determine which AD user or computer accounts are configured to use DES encryption types, check whether the option Use Kerberos DES encryption types for this account is selected on the Account tab of the object's properties. These properties are accessible from the AD Users and Computers MMC snap-in.

If you need more time to investigate or to fix the problem, you can temporarily re-enable DES encryption for Kerberos authentication on computers running Windows 7 or Server 2008 R2 by configuring the GPO setting Network security: Configure encryption types allowed for Kerberos; this setting is located in the Computer Configuration, Windows Settings, Security Settings, Local Policies, Security Options GPO container.

Of the two Windows authentication protocols, Kerberos is the preferable one. Administrators should always make sure that their applications use Kerberos itself, not NTLM. The new NTLM restrictions implemented in Windows 7 and Server 2008 R2 give us an excellent means of reaching that goal.

Jan De Clercq ([email protected]) works in the HP Security Office. He specializes in authentication and security in Microsoft products.


Authentication in Windows Server 2008 R2 and Windows 7


For years researchers have been saying at conferences that single sign-on technology is unsafe. Microsoft has applied a single sign-on system virtually everywhere, and information security specialists were saying as far back as 1997 that this was not a good idea. Now the vulnerability of single sign-on in general, and of working with SMB resources in particular, has been demonstrated by the Russian researcher ValdikSS. He described a method that allows an attacker to compromise a victim's Microsoft Account, deanonymize Microsoft account holders and learn information about their VPN.

In fact, for a successful attack it is enough for the attacker to disguise a link to an SMB resource (network resources: files and folders, printers, and so on), for example as an image. The attack works on all current operating systems, including Windows 10 with the latest updates. Moreover, these problems with NTLM authentication were discussed not only in 1997; they come up regularly. For instance, they were raised (PDF) at last year's BlackHat conference. Unfortunately, for some reason nothing changes.

On Habrahabr, user ValdikSS explained how the "bug from the 90s" can be exploited today. The researcher writes:

“Whenever you try to open a link to an SMB resource in a standard browser (Internet Explorer, Edge) or in any application that works through standard Windows API calls or uses Internet Explorer as its HTML rendering engine (Outlook, Windows Explorer), the SMB resource immediately receives your account data, before you are even shown the password entry dialog. It is enough for an attacker, for example, to place a link to an image on an SMB server on a web page, or to send you an email containing such a link, and - boom! - your account data is in the attacker's hands.”

If, for a home computer, the leak of an account name and password hash is not a catastrophe, then when a corporate domain is involved the conversation is quite different.

“The domain name usually makes it clear which organization the account belongs to, and then, after successfully cracking the password, one can try to authenticate to corporate resources that are reachable from the Internet (mail, VPN).

But the password does not even have to be cracked. If you know a resource where you can log in with NTLM authentication, you can, in real time, while the client is connecting to your SMB server, proxy the client to the remote server and the server to the client!”, explains ValdikSS.

The situation is aggravated by the fact that today's Microsoft operating systems actively push the use of a single Microsoft Account, literally forcing users into it. For users of Microsoft Accounts such attacks can be dangerous, and not only for organizations but also for private individuals. The point is that during the attack, data is sent to the attacker's SMB server that in effect compromises the victim's Microsoft Account and the many services tied to it (Skype, Xbox, OneDrive, Office 360, MSN, Bing, Azure and so on).

It is also worth noting that in a number of cases the attack can be used to extract the login and password hash of the victim's VPN connection.

ValdikSS described several ways of exploiting the problems with NTLM authentication. Apart from the obvious ones, the researcher proposed using the vulnerability to deanonymize users:

“Exploitation for deanonymization is more interesting. The account is leaked when the victim visits a web page in Internet Explorer, or when a message is opened in Outlook. Almost all webmail interfaces filter out images with the file:// scheme when displaying a message (the file:// scheme is the analogue of the \\ scheme), except Yandex, which does not care about its own vulnerabilities (which is fair enough). Deanonymization in general is dangerous because it ties the Windows account not only to an IP address but also to the message itself.

Chrome's file:// scheme also works, but only from the address bar. Loading an image from SMB or clicking a link does not work. Since Chrome is much more popular than Internet Explorer, one has to resort to social engineering.

An account can also be taken over outright. In practice, VPN providers use the same logins and passwords both for logging into the account and for VPN authentication. Which service an account belongs to can be determined from the IP address of the user's incoming connection. And if you have caught a Microsoft Account and recovered the password from the hash, then, guess what, you have access to the files in OneDrive, Outlook, the Skype account, everything else linked to the Microsoft account, and a whole lot more.”

In conclusion, ValdikSS writes that such attacks can be defended against, for example, by restricting access to TCP port 445 for all address ranges except:

  • 192.168.0.0/16
  • 169.254.0.0/16
  • 172.16.0.0/12
  • 10.0.0.0/8
  • fd00::/8
  • fe80::/10

In addition, the following method was proposed in the comments to the article:

Windows Registry Editor Version 5.00

; Key under which the NTLM restriction values live (this path was missing from the snippet as published);
; 2 = deny all for both the incoming and the outgoing NTLM restriction.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
"RestrictReceivingNTLMTraffic"=dword:00000002
"RestrictSendingNTLMTraffic"=dword:00000002

The researcher also created a special page that lets you check whether your system is vulnerable to this type of attack.

Windows NT challenge/response. With Integrated Windows authentication, the client browser authenticates itself to the server through a cryptographic exchange of data.

Integrated Windows authentication supports both the Kerberos v5 protocol and the NTLM (NT LAN Manager) protocol for authentication via the Negotiate package. When Active Directory is present and the browser supports it (IE 5 or later on the Windows 2000 platform), the Kerberos protocol is used; otherwise the NTLM protocol is used. Both Kerberos and NTLM have certain limitations. Interestingly, the strengths of one make up for the weaknesses of the other. Kerberos usually works with proxy servers but functions less well across firewalls. NTLM usually works through firewalls but may run into trouble with proxy servers.

A few words about Microsoft Negotiate

Microsoft Negotiate is a package that provides a security support provider interface between different security providers. It can choose between different authentication packages. IIS uses the Negotiate package for authentication, and in that case it selects either the Kerberos protocol or the NTLM protocol. The package also makes it possible to support future authentication packages, which is the point of negotiation. By default, Negotiate chooses Kerberos as the most secure protocol. If the Kerberos protocol is unavailable, Negotiate falls back to NTLM instead.

NTLM authentication

NTLM is an extended version of the old LM (LAN Manager) authentication protocol. NTLM uses a challenge/response exchange between the server and the client without sending the user's password over the network in clear text. The client must prove that it knows the user's password by means of an encrypted hash.

NTLM works as follows.

  1. The user enters a user name, password and domain name when logging on to the client computer.
  2. The client creates a hash of the password and discards the original.
  3. The client sends the user name to the server in plain text.
  4. The server sends the client a 16-byte fragment of random data.
  5. The client encrypts this fragment together with the password hash and sends the result to the server.
  6. The server sends the user name, the random data fragment and the client's response to the domain controller.
  7. The domain controller encrypts the random data with its own copy of the user's password hash and compares the result with what the server sent.
  8. If the values match, the domain controller notifies the server that authentication succeeded.
  9. If the values do not match, the domain controller informs the server of the failure, and the server notifies the client. The client browser then asks the user for authentication data.

Kerberos authentication

In ancient Greek mythology, Kerberos is the fierce three-headed dog that guards the underworld. Today, Kerberos is the name of a protocol for secure authentication when accessing resources. Kerberos is based on secret-key authentication, in which the client and the server use the same key for encryption and decryption. The client proves knowledge of the key by encrypting information, and the server proves knowledge of the key by decrypting it. The server then takes part of that information, encrypts it and sends it back to the client. If integrity is preserved, authentication succeeds.

Kerberos relies on a central server called the Key Distribution Center (KDC), which issues all the necessary keys. The KDC issues TGTs (ticket-granting tickets) and uses them to let its clients request access to resources on a server.

Below is the process by which a client obtains its initial TGT.

  1. The user logs on to the client computer with a user name and password.
  2. The client encrypts the password and stores it.
  3. The client sends the KDC a message requesting authentication data for the TGT service, together with the encrypted user password.
  4. The KDC checks the encrypted password against its own master copy to verify the user's identity. It also checks the time stamp that the client placed in the request, to confirm that it is within five minutes of the KDC's current time.
  5. The KDC then creates authentication data for the TGT service by generating a logon session key and encrypting it with the user's key.
  6. The KDC creates a second piece of authentication data by encrypting the logon session key and the TGT with its own secret key.
  7. The KDC sends both pieces of authentication data to the client.
  8. The client decrypts the logon session key from the first piece of authentication data using the encrypted password and places the logon session key in its ticket cache.
  9. The client also places the TGT in its ticket cache.
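The initial TGT exchange in the nine steps above, simulated end to end as an added example (not code from the article or from any Kerberos implementation). A toy authenticated cipher (HMAC-SHA256 keystream plus HMAC tag) stands in for the Kerberos encryption types, a PBKDF2-derived client key stands in for string-to-key, and the pre-authentication data the client sends in step 3 is an encrypted timestamp, which is what the five-minute check in step 4 is applied to. The realm, principal names, passwords and clock values are constructed; the KDC class, its method names and the ticket cache layout are this example's own.

```python
"""Kerberos initial (AS) exchange: client gets a logon session key and a TGT.

Added example, not from the article. Toy cipher, toy key derivation,
constructed principals; the message flow follows steps 1 to 9 above.
"""
import hashlib
import hmac
import json
import os

MAX_SKEW = 300  # seconds: the five-minute window from step 4


def _keystream(key, nonce, length):
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC standing in for a Kerberos etype: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes):
    """Plaintext, or None when the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def client_key(realm: str, user: str, password: str) -> bytes:
    """Step 2: key derived from the password (toy stand-in for Kerberos string-to-key)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), (realm + user).encode(), 10_000)


class KDC:
    """Holds every principal's key and its own krbtgt key; performs steps 4 to 7."""

    def __init__(self, realm, principals):
        self.realm = realm
        self.keys = {u: client_key(realm, u, pw) for u, pw in principals.items()}
        self.krbtgt_key = os.urandom(32)

    def as_exchange(self, user, preauth, now):
        key = self.keys.get(user)
        if key is None:
            return None                                   # unknown principal
        ts = unseal(key, preauth)                         # step 4: proves the client holds the key
        if ts is None or abs(now - int.from_bytes(ts, "big")) > MAX_SKEW:
            return None                                   # wrong key, or clock skew over five minutes
        session_key = os.urandom(32)                      # step 5: logon session key
        enc_part = seal(key, session_key)                 # step 5: readable only by the user
        tgt_body = json.dumps({"user": user, "key": session_key.hex(), "exp": now + 36000}).encode()
        tgt = seal(self.krbtgt_key, tgt_body)             # step 6: readable only by the KDC
        return enc_part, tgt                              # step 7


def client_logon(kdc, user, password, client_time, kdc_time):
    """Steps 1 to 3 and 8 to 9; returns the ticket cache or None if the KDC refused."""
    key = client_key(kdc.realm, user, password)           # steps 1 and 2
    preauth = seal(key, client_time.to_bytes(8, "big"))   # step 3: encrypted timestamp
    reply = kdc.as_exchange(user, preauth, kdc_time)
    if reply is None:
        return None
    enc_part, tgt = reply
    return {"session_key": unseal(key, enc_part), "tgt": tgt}  # steps 8 and 9


def decode_tgt(kdc, tgt):
    """What only the KDC can do later: open the TGT with the krbtgt key."""
    body = unseal(kdc.krbtgt_key, tgt)
    return None if body is None else json.loads(body)


if __name__ == "__main__":
    kdc = KDC("CORP.EXAMPLE", {"alice": "Passw0rd!"})    # constructed realm and principal
    now = 1_700_000_000
    print("logon:", client_logon(kdc, "alice", "Passw0rd!", now, now) is not None)
    print("10 min skew:", client_logon(kdc, "alice", "Passw0rd!", now, now + 600))
```

The two refusal paths are the ones administrators actually meet: a wrong password fails at the pre-authentication check, and a workstation clock more than five minutes off fails the same check even with the right password. The client never receives anything it can open with a wrong key, so it cannot use an AS reply to test password guesses offline without first proving knowledge of the key.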

Now the client has a TGT and can use it to obtain tickets for access to resources. That works as follows.

  1. The client requests a ticket from the KDC for access to resources on the server. The client sends its TGT to the KDC together with the required resource and an authentication message encrypted with the logon session key.