How NTLM authentication works
By Andrei Ungureanu - Last updated: Tuesday, February 23, 2016
Kerberos gets talked about a lot, but there are many cases where we run into NTLM as well, and to diagnose authentication problems it helps to understand how it works.
Below are the steps of the authentication process:
1. (Interactive authentication only) A user accesses a client computer and provides a domain name, user name, and password. The client computes a cryptographic hash of the password and discards the actual password.
2. The client sends the user name to the server (in plaintext).
3. The server generates a 16-byte random number, called a challenge or nonce, and sends it to the client.
4. The client encrypts this challenge with the hash of the user’s password and returns the result to the server. This is called the response.
5. The server sends the following three items to the domain controller:
   - User name
   - Challenge sent to the client
   - Response received from the client
6. The domain controller uses the user name to retrieve the hash of the user’s password from the Security Account Manager database. It uses this password hash to encrypt the challenge.
7. The domain controller compares the encrypted challenge it computed (in step 6) to the response computed by the client (in step 4). If they are identical, authentication is successful.
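The message flow of the steps above can be traced in a small simulation. This is an added example, not code from the original post or from Microsoft: the class and function names are hypothetical, and SHA-256 and HMAC-SHA256 are stand-ins for the real NT hash and for the "encrypt the challenge" operation, so only the roles and the order of messages match NTLM.

```python
import hashlib
import hmac
import os

# Assumptions: SHA-256 stands in for the NT hash and HMAC-SHA256 for the
# "encrypt the challenge" step; only the message flow follows the steps above.
def password_hash(password):
    return hashlib.sha256(password.encode("utf-16-le")).digest()

def compute_response(pw_hash, challenge):
    return hmac.new(pw_hash, challenge, hashlib.sha256).digest()

class DomainController:
    def __init__(self, accounts):
        # Account database holds user name -> password hash, never the password.
        self.sam = {u: password_hash(p) for u, p in accounts.items()}

    def validate(self, user, challenge, response):
        # Steps 6-7: recompute the response from the stored hash and compare.
        stored = self.sam.get(user)
        if stored is None:
            return False
        return hmac.compare_digest(compute_response(stored, challenge), response)

class Server:
    def __init__(self, dc):
        self.dc, self.pending = dc, {}  # pending: user -> outstanding challenge

    def begin(self, user):
        # Step 3: a fresh 16-byte random challenge for every attempt.
        self.pending[user] = os.urandom(16)
        return self.pending[user]

    def finish(self, user, response):
        # Step 5: pass user name, challenge and response to the DC. The
        # challenge is consumed, so a captured response cannot be replayed.
        challenge = self.pending.pop(user, None)
        return challenge is not None and self.dc.validate(user, challenge, response)

class Client:
    def __init__(self, user, password):
        # Step 1: keep only the hash; the password itself is discarded.
        self.user, self.pw_hash = user, password_hash(password)

    def authenticate(self, server):
        challenge = server.begin(self.user)  # steps 2-3
        response = compute_response(self.pw_hash, challenge)  # step 4
        return server.finish(self.user, response)
```

The server never holds the password or its hash: it only relays the three items to the domain controller, which is why a member server that cannot reach a domain controller cannot validate a domain account in this flow.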
Source: https://msdn.microsoft.com/en-us/library/windows/desktop/aa378749(v=vs.85).aspx