Date: Tue, 24 Oct 2017 13:46:11 +0200
From: Solar Designer <solar@...nwall.com>
To: Juan Diego <diego@...ux.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: Hash thief on Windows shared folder with SCF files. ADV170014 NTLM SSO

Juan, all -

On Mon, Oct 23, 2017 at 04:47:46PM -0700, Juan Diego wrote:
> I want to share some information with the people on the list.
> On May 24, I found a problem with NTLM auth on Windows.

This is interesting, but it's mostly off-topic for oss-security, so as a
moderator I ask that further discussion please be handled on other lists
(once Juan's message probably gets through moderation in there).

Our only poor excuse for having this on oss-security at all is the use
of Open Source tools to demonstrate the attack - Metasploit, JtR, Samba -
but I think it's not enough of a reason to have postings like this on
oss-security.  If others feel differently, please let me know.

Juan, please re-read the oss-security list content guidelines, and note
that we not only require relevance to Open Source (lacking here), but
also discourage cross-postings:

http://oss-security.openwall.org/wiki/mailing-lists/oss-security#list-content-guidelines

"Please keep discussions relevant to Open Source software.  This is not a
list to discuss the behavior or problems with closed source software or
companies."

"Please don't cross-post messages to oss-security and other mailing
lists at once, especially not to high-volume lists such as LKML and
netdev, as this tends to result in threads that wander partially or
fully off-topic (e.g., Linux kernel coding style detail may end up being
discussed in comments to a patch posted to LKML, but it would be
off-topic for oss-security).  If you feel that something needs to be
posted to oss-security and to another list, please make separate
postings.  You may mention the other posting(s) in your oss-security
posting, and even link to other lists' archives."

No reply to this message is expected, unless there's relevant detail to
add (e.g., the same issue also present in certain Open Source software).

Thanks,

Alexander
