Share via

4.2.4 NTLMv2 Authentication

  • Article

The following calculations are used in section 3.3.2.

The Challenge Flags used in the following NTLM v2 examples are:

  • NTLMSSP_NEGOTIATE_KEY_EXCH

  • NTLMSSP_NEGOTIATE_56

  • NTLMSSP_NEGOTIATE_128

  • NTLMSSP_NEGOTIATE_VERSION

  • NTLMSSP_NEGOTIATE_TARGET_INFO

  • NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY

  • NTLMSSP_TARGET_TYPE_SERVER

  • NTLMSSP_NEGOTIATE_ALWAYS_SIGN

  • NTLMSSP_NEGOTIATE_NTLM

  • NTLMSSP_NEGOTIATE_SEAL

  • NTLMSSP_NEGOTIATE_SIGN

  • NTLM_NEGOTIATE_OEM

  • NTLMSSP_NEGOTIATE_UNICODE

     0000000: 33 82 8a e2                                       3...

AV Pair 1 - NetBIOS Server name:

 00000000: 53 00 65 00 72 00 76 00 65 00 72 00               S.e.r.v.e.r.

AV Pair 2 - NetBIOS Domain name: 

 00000000: 44 00 6f 00 6d 00 61 00 69 00 6e 00               D.o.m.a.i.n.