193:, and an HMAC-MD5 hash of the user's password and other identifying information. The two responses differ in the format of the client challenge. The shorter response uses an 8-byte random value for this challenge. In order to verify the response, the server must receive as part of the response the client challenge. For this shorter response, the 8-byte client challenge appended to the 16-byte response makes a 24-byte package which is consistent with the 24-byte response format of the previous NTLMv1 protocol. In certain non-official documentation (e.g. DCE/RPC Over SMB, Leighton) this response is termed LMv2.
4453:
2696:
1877:
4464:
2686:
2676:
1887:
466:, the capability to store both is there, but one is turned off by default. This means that LM authentication no longer works if the computer running Windows Vista acts as the server. Prior versions of Windows (back as far as Windows NT 4.0 Service Pack 4) could be configured to behave this way, but it was not the default.
173:
SP4 (and natively supported in
Windows 2000), is a challenge-response authentication protocol. It is intended as a cryptographically strengthened replacement for NTLMv1, enhancing NTLM security by hardening the protocol against many spoofing attacks and adding the ability for a server to authenticate
493:
In
February 2010, Amplia Security discovered several flaws in the Windows implementation of the NTLM authentication mechanism which broke the security of the protocol allowing attackers to gain read/write access to files and remote code execution. One of the attacks presented included the ability to
359:
will be used instead of NTLM. HomeGroup is probably the easiest way to share resources on a small network, requiring minimal setup, even compared to configuring a few additional users to be able to use password-protected sharing, which may mean it is used much more than password-protected sharing on
232:
Briefly, the NTLMv1 algorithm is applied, except that an 8-byte client challenge is appended to the 8-byte server challenge and MD5-hashed. The least 8-byte half of the hash result is the challenge utilized in the NTLMv1 protocol. The client challenge is returned in one 24-byte slot of the response
527:
Note that the password-equivalent hashes used in pass-the-hash attacks and password cracking must first be "stolen" (such as by compromising a system with permissions sufficient to access hashes). Also, these hashes are not the same as the NTLMSSP_AUTH "hash" transmitted over the network during a
331:
Your application should not access the NTLM security package directly; instead, it should use the
Negotiate security package. Negotiate allows your application to take advantage of more advanced security protocols if they are supported by the systems involved in the authentication. Currently, the
275:
However, existing NTLMv1 infrastructure allows that the challenge/response pair is not verified by the server, but sent to a Domain
Controller for verification. Using NTLM2 Session, this infrastructure continues to work if the server substitutes for the challenge the hash of the server and client
146:
The server authenticates the client by sending an 8-byte random number, the challenge. The client performs an operation involving the challenge and a secret shared between client and server, specifically one of the two password hashes described above. The client returns the 24-byte result of the
457:
Starting with
Windows NT 4.0 Service Pack 4, the SSP would negotiate NTLMv2 Session whenever both client and server would support it. Up to and including Windows XP, this used either 40- or 56-bit encryption on non-U.S. computers, since the United States had severe restrictions on the export of
450:
DC would mean Domain
Controller, but use of that term is confusing. Any computer acting as server and authenticating a user fulfills the role of DC in this context, for example a Windows computer with a local account such as Administrator when that account is used during a network logon.
279:
NTLMv1 Client<-Server: SC Client->Server: H(P,SC) Server->DomCntl: H(P,SC), SC Server<-DomCntl: yes or no NTLM2 Session Client<-Server: SC Client->Server: H(P,H'(SC,CC)), CC Server->DomCntl: H(P,H'(SC,CC)), H'(SC,CC) Server<-DomCntl: yes or no
147:
computation. In fact, in NTLMv1 the computations are usually made using both hashes and both 24-byte results are sent. The server verifies that the client has computed the correct result, and from this infers possession of the secret, and hence the authenticity of the client.
318:
to improve interoperability (in particular, the RC4-HMAC encryption type). According to an independent researcher, this design decision allows Domain
Controllers to be tricked into issuing an attacker with a Kerberos ticket if the NTLM hash is known. Microsoft adopted
200:
format, (2) an 8-byte random value (CC2 in the box below), (3) the domain name and (4) some standard format stuff. The response must include a copy of this client challenge, and is therefore variable length. In non-official documentation, this response is termed NTv2.
220:
SC = 8-byte server challenge, random CC = 8-byte client challenge, random CC* = (X, time, CC2, domain name) v2-Hash = HMAC-MD5(NT-Hash, user name, domain name) LMv2 = HMAC-MD5(v2-Hash, SC, CC) NTv2 = HMAC-MD5(v2-Hash, SC, CC*) response = LMv2 | CC | NTv2 | CC*
461:
In
Windows Vista and above, LM has been disabled for inbound authentication. Windows NT-based operating systems up through and including Windows Server 2003 store two password hashes, the LAN Manager (LM) hash and the Windows NT hash. Starting in
502:
generated by the protocol. These flaws had been present in all versions of
Windows for 17 years. The security advisory explaining these issues included fully working proof-of-concept exploits. All these flaws were fixed by MS10-012.
2752:
373:
may cause
Windows to negotiate NTLMv1 or even LM for outbound authentication with the SMB server, allowing the device to work although it may be loaded with outdated, insecure software regardless of whether it were a new
155:
encrypt the 64-bit challenge. The three encryptions of the challenge are reunited to form the 24-byte response. Both the response using the LM hash and the NT hash are returned as the response, but this is configurable.
1056:
150:
Both the hashes produce 16-byte quantities. Five bytes of zeros are appended to obtain 21 bytes. The 21 bytes are separated in three 7-byte (56-bit) quantities. Each of these 56-bit quantities is used as a key to
204:
Both LMv2 and NTv2 hash the client and server challenge with the NT hash of the user's password and other identifying information. The exact formula is to begin with the NT hash, which is stored in the
311:
Despite these recommendations, NTLM is still widely deployed on systems. A major reason is to maintain compatibility with older systems. However, it can be avoided in some circumstances.
1676:
458:
encryption technology at the time. Starting with Windows XP SP3, 128-bit encryption could be added by installing an update and on Windows 7, 128-bit encryption would be the default.
2732:
524:
and sufficient GPU power the NTLM hash can be derived using a known plaintext attack by cracking the DES keys with hashcat mode 14000 as demonstrated by atom on the hashcat forums.
348:
The server must have the "password-protected sharing" feature enabled, which is not enabled by default and which is mutually exclusive with HomeGroup on some versions of Windows.
1060:
81:
which uses three messages to authenticate a client in a connection-oriented environment (connectionless is similar), and a fourth additional message if integrity is desired.
486:
can be used in many cases to obtain credentials from one machine which can be used to gain control of another machine. The Squirtle toolkit can be used to leverage web site
1923:
58:
authentication protocol, NTLMv1, NTLMv2 and NTLM2 Session protocols in a single package. Whether these protocols are used or can be used on a system which is governed by
369:, such as NAS devices and network printers, the NTLM SSP may offer the only supported authentication method. Some implementations of SMB or older distributions of e.g.
332:
Negotiate security package selects between Kerberos and NTLM. Negotiate selects Kerberos unless it cannot be used by one of the systems involved in the authentication.
1340:
345:
The client is authenticating to a server that doesn't belong to a domain or no Active Directory domain exists (commonly referred to as "workgroup" or "peer-to-peer")
391:
The client is authenticating to a server that belongs to a different Active Directory forest that has a legacy NTLM trust instead of a transitive inter-forest trust
4489:
95:
The NTLM protocol uses one or both of two hashed password values, both of which are also stored on the server (or domain controller), and which through a lack of
46:
security protocols intended to provide authentication, integrity, and confidentiality to users. NTLM is the successor to the authentication protocol in Microsoft
3468:
1682:
1833:
446:: Clients use NTLMv2 authentication only, and use NTLMv2 session security if server supports it; DCs refuse LM and NTLM (accept only NTLMv2 authentication).
440:: Clients use NTLMv2 authentication only, and use NTLMv2 session security if server supports it; DCs refuse LM (accept only NTLM and NTLMv2 authentication).
3483:
1743:
1732:
1280:
323:
as the preferred authentication protocol for Windows 2000 and subsequent Active Directory domains. Kerberos is typically used when a server belongs to a
4499:
3648:
2725:
2617:
1512:
2558:
111:-based function applied to the first 14 characters of the password converted to the traditional 8-bit PC charset for the language), and the NT hash (
2689:
2612:
1958:
1694:
1639:
1590:
926:
3305:
520:
In 2019, EvilMog published a tool called the ntlmv1-multitool to format NTLMv1 challenge responses in a hashcat compatible cracking format. With
434:: Clients use NTLMv2 authentication only, and use NTLMv2 session security if server supports it; DCs accept LM, NTLM, and NTLMv2 authentication.
422:: Clients use LM and NTLM authentication, and use NTLMv2 session security if server supports it; DCs accept LM, NTLM, and NTLMv2 authentication.
2578:
2573:
2553:
2162:
1916:
1534:
499:
428:: Clients use NTLM authentication only, and use NTLMv2 session security if server supports it; DCs accept LM, NTLM, and NTLMv2 authentication.
78:
4339:
2718:
2568:
2563:
4468:
2741:
1943:
1821:
229:
The NTLM2 Session protocol is similar to MS-CHAPv2. It consists of authentication from NTLMv1 combined with session security from NTLMv2.
132:, depending on the NTLM version; NT LanMan and NTLM version 1 use the DES-based LanMan one-way function (LMOWF), while NTLMv2 uses the NT
1057:"Active Directory Vulnerability Disclosure: Weak encryption enables attacker to change a victim's password without being logged - Aorato"
3718:
3358:
2942:
2777:
2249:
2224:
2089:
1700:
307:
Deriving a key from a password is as specified in RFC1320 and FIPS46-2. Therefore, applications are generally advised not to use NTLM.
4494:
3890:
3799:
3315:
2947:
2679:
1948:
1772:
1007:
103:, meaning that if you grab the hash value from the server, you can authenticate without knowing the actual password. The two are the
1449:
2600:
2585:
1953:
1909:
1574:
573:
454:
Prior to Windows NT 4.0 Service Pack 4, the SSP would negotiate NTLMv1 and fall back to LM if the other machine did not support it.
405:
After it has been decided either by the application developer or by the Negotiate SSP that the NTLM SSP be used for authentication,
1845:
1827:
1365:
416:: Clients use LM and NTLM authentication, and never use NTLMv2 session security; DCs accept LM, NTLM, and NTLMv2 authentication.
236:
This is a strengthened form of NTLMv1 which maintains the ability to use existing Domain Controller infrastructure yet avoids a
3638:
3618:
3581:
3543:
3528:
2094:
1851:
1688:
1306:"hand-tuned hashcat 6.0.0 beta and 2080Ti (stock clocks) breaks NTLM cracking speed mark of 100GH/s on a single compute device"
1600:
652:
4384:
3966:
3493:
1965:
1756:
292:
Implementers should be aware that NTLM does not support any recent cryptographic methods, such as AES or SHA-256. It uses
3508:
2590:
2523:
495:
4349:
4218:
3905:
3895:
3769:
3673:
3533:
2890:
2845:
2473:
1632:
517:
are available for eight- and nine-character NTLM passwords. Shorter passwords can be recovered by brute force methods.
4457:
3825:
3784:
3683:
3538:
3335:
3050:
3000:
2313:
409:
dictates the ability to use each of the protocols that the NTLM SSP implements. There are five authentication levels.
159:
C = 8-byte server challenge, random K1 | K2 | K3 = NTLM-Hash | 5-bytes-0 response = DES(K1,C) | DES(K2,C) | DES(K3,C)
85:
First, the client establishes a network path to the server and sends a NEGOTIATE_MESSAGE advertising its capabilities.
1245:
4047:
3927:
3633:
3132:
2772:
2765:
2760:
2699:
2634:
2605:
2595:
2543:
2538:
2518:
2297:
196:
The second response sent by NTLMv2 uses a variable-length client challenge which includes (1) the current time in
4379:
4344:
3774:
3764:
3703:
3613:
3503:
3473:
3122:
2820:
2661:
2646:
2533:
2528:
2468:
2463:
2318:
2254:
1890:
1738:
352:
327:. Microsoft recommends developers neither to use Kerberos nor the NTLM Security Support Provider (SSP) directly.
3744:
3688:
3668:
3513:
3282:
3167:
2419:
2277:
2179:
1228:
206:
152:
108:
3057:
1566:
4329:
4324:
4168:
4163:
4123:
4083:
4033:
3779:
3523:
3518:
3393:
3368:
3330:
3300:
3250:
3062:
2985:
2910:
2830:
2805:
2639:
2629:
2292:
2167:
1880:
1717:
1625:
1213:
293:
1551:
4309:
4273:
3885:
3870:
3628:
3586:
3478:
3408:
3325:
3310:
2905:
2488:
2191:
2174:
1778:
1186:
217:, the username and domain name. In the box below, X stands for the fixed contents of a formatting field.
4438:
4258:
4203:
4143:
4128:
3937:
3608:
3563:
3420:
3373:
1463:
324:
903:
852:
828:
804:
780:
756:
732:
624:
600:
88:
Next, the server responds with CHALLENGE_MESSAGE which is used to establish the identity of the client.
4423:
4418:
4263:
4233:
4198:
4088:
3794:
3789:
3693:
3643:
3601:
3571:
3458:
3045:
3010:
2957:
2895:
2624:
1159:
879:
487:
366:
4364:
4223:
4178:
4153:
4108:
4054:
3853:
3708:
3591:
3040:
3025:
2965:
2885:
2855:
2656:
2508:
2503:
2483:
2350:
2206:
2201:
2196:
2186:
2157:
2150:
2145:
1789:
1767:
1032:
708:
578:
506:
In 2012, it was demonstrated that every possible 8-character NTLM password hash permutation can be
378:
320:
315:
96:
4369:
4319:
4093:
4012:
3998:
3917:
3623:
3463:
3430:
3403:
3398:
3072:
2975:
2970:
2870:
2498:
2493:
2370:
2365:
2360:
2355:
1664:
1614:- A tool for formatting NTLMv1 challenge responses into a format that can be cracked with hashcat
1542:
1495:
66:
4433:
4359:
4314:
4213:
4208:
4183:
4138:
4103:
3973:
3277:
3087:
2920:
2424:
2403:
2398:
1932:
507:
479:
237:
31:
1265:
685:"Use an 8-char Windows NTLM password? Don't. Every single one can be cracked in under 2.5hrs"
537:
4374:
4283:
4118:
4061:
4019:
3880:
3848:
3804:
3759:
3678:
3438:
3235:
3112:
3102:
2865:
2860:
1538:
1107:
1081:
963:
684:
541:
370:
129:
1011:
394:
Where a firewall would otherwise restrict the ports required by Kerberos (typically TCP 88)
356:
4410:
4293:
4268:
4253:
4243:
4193:
4188:
3942:
3576:
3292:
3157:
3147:
3092:
3077:
2935:
2825:
2651:
2439:
2434:
2429:
2393:
2388:
2069:
1670:
1305:
1133:
513:
In 2019, this time was reduced to roughly 2.5 hours by using more modern hardware. Also,
1517:
1341:"Ethical hacker Dustin Heywood, a.k.a. EvilMog: 'My mission is to make companies safer'"
27:
Suite of Microsoft security protocols for authentication, integrity, and confidentiality
3900:
3443:
3255:
3245:
3230:
3162:
3030:
3005:
2980:
2930:
2900:
2810:
2345:
2340:
2332:
2287:
2135:
2074:
2064:
2059:
1815:
1799:
1648:
269:
170:
4483:
4389:
4248:
4148:
3488:
3448:
3225:
3200:
3192:
3127:
2995:
2795:
2380:
2101:
514:
475:
463:
116:
1503:
Personal HTTP(S) and SOCKS5 proxy for NTLM-unaware applications (Windows/Linux/UNIX)
4158:
4113:
4040:
4005:
3713:
3663:
3453:
3205:
3152:
3117:
3035:
3015:
2835:
2815:
2079:
1284:
660:
406:
256:. Without the client participating in the choice of challenge, the server can send
62:
settings, for which different versions of Windows have different default settings.
59:
1862:
50:(LANMAN), an older Microsoft product. The NTLM protocol suite is implemented in a
4228:
4173:
4078:
3932:
3820:
3698:
3553:
3345:
3320:
2915:
2444:
2264:
2115:
2004:
1999:
1994:
1989:
1984:
1794:
563:
55:
47:
2710:
4133:
3957:
3498:
3388:
3262:
3182:
3107:
2925:
2229:
2125:
2120:
2084:
2042:
2032:
2027:
2022:
2014:
1584:
483:
385:
17:
1506:
1411:
988:
3754:
3749:
3383:
3272:
3220:
2990:
2111:
2106:
1784:
1552:
NTLM version 2 (NTLMv2) and the LMCompatibilityLevel setting that governs it
938:
551:
43:
91:
Finally, the client responds to the challenge with an AUTHENTICATE_MESSAGE.
1611:
1608:- An HTTP proxy server to automatically authenticate through an NTLM proxy
1390:
1366:"Dustin Heywood: The "Evil" Hacker Using his Neurodivergent Mind for Good"
4334:
4238:
4098:
3858:
3723:
3353:
3210:
3097:
3082:
3020:
2880:
2840:
1762:
482:
which was addressed by Microsoft security update MS08-068. For example,
233:
message, the 24-byte calculated response is returned in the other slot.
4354:
4288:
4026:
3912:
3875:
3863:
3548:
3267:
3240:
3215:
3177:
2875:
2800:
1749:
568:
547:
521:
197:
122:
104:
1281:"25-GPU cluster cracks every standard Windows password in <6 hours"
4428:
4278:
3947:
3728:
3653:
1857:
1839:
1810:
119:
1901:
1464:"NT MD4 password hash as new password encryption method for FreeBSD"
1328:
1108:"Public Key Cryptography based User to User Authentication Overview"
1605:
1570:
1556:
189:
hash of the server challenge, a fully/partially randomly generated
4394:
3830:
3658:
3363:
3137:
2850:
1805:
1546:
1531:
software that allows users to authenticate via an MS Proxy Server.
1528:
1617:
1522:
1513:
MSDN article explaining the protocol and that it has been renamed
1501:
Cntlm – NTLM, NTLMSR, NTLMv2 Authentication Proxy and Accelerator
1490:
288:
Since 2010, Microsoft no longer recommends NTLM in applications:
3922:
3596:
3415:
3378:
1727:
1706:
1500:
1435:
210:
182:
51:
2714:
1905:
1621:
314:
Microsoft has added the NTLM hash to its implementation of the
3840:
3172:
3142:
3067:
1975:
1507:
The NTLM Authentication Protocol and Security Support Provider
420:
Send LM & NTLM - use NTLMv2 session security if negotiated
301:
297:
214:
186:
133:
112:
1595:
1266:"Windows SMB NTLM Weak Nonce vulnerability Security Advisory"
1187:"The Most Misunderstood Windows Security Setting of All Time"
1578:
1496:
NT LAN Manager (NTLM) Authentication Protocol Specification
1247:
Understanding the Windows SMB NTLM Weak Nonce vulnerability
1037:
NT LAN Manager (NTLM) Authentication Protocol Specification
908:
NT LAN Manager (NTLM) Authentication Protocol Specification
884:
NT LAN Manager (NTLM) Authentication Protocol Specification
857:
NT LAN Manager (NTLM) Authentication Protocol Specification
833:
NT LAN Manager (NTLM) Authentication Protocol Specification
809:
NT LAN Manager (NTLM) Authentication Protocol Specification
785:
NT LAN Manager (NTLM) Authentication Protocol Specification
761:
NT LAN Manager (NTLM) Authentication Protocol Specification
737:
NT LAN Manager (NTLM) Authentication Protocol Specification
629:
NT LAN Manager (NTLM) Authentication Protocol Specification
605:
NT LAN Manager (NTLM) Authentication Protocol Specification
125:
password). Both hash values are 16 bytes (128 bits) each.
357:
Public Key Cryptography based User to User Authentication
65:
NTLM passwords are considered weak because they can be
659:, IBM Internet System Security (ISS), archived from
4407:
4302:
4071:
3990:
3983:
3956:
3839:
3813:
3737:
3562:
3429:
3344:
3291:
3191:
2956:
2786:
2453:
2412:
2379:
2331:
2306:
2276:
2263:
2242:
2215:
2134:
2050:
2041:
2013:
1974:
1716:
1655:
384:The client is authenticating to a server using an
341:The NTLM SSP is used in the following situations:
1596:WAFFLE – Java/C# Windows Authentication Framework
958:
956:
536:NTLM implementations for Linux include Cntlm and
544:) allow Linux applications to use NTLM proxies.
490:attacks into attacks on nearby assets via NTLM.
1601:objectif-securite (Rainbow tables for ophcrack)
968:Microsoft Windows 2000 Security Hardening Guide
351:When server and client both belong to the same
1244:Hernan Ochoa and Agustin Azubel (2010-07-28).
595:
593:
444:Send NTLMv2 response only\refuse LM & NTLM
2726:
1917:
1683:Java Authentication and Authorization Service
1633:
646:
644:
388:(and no reverse name resolution is available)
268:. This attack can be made practical by using
244:, the server computes a table where location
8:
1834:Protected Extensible Authentication Protocol
1436:"Cntlm: Fast NTLM Authentication Proxy in C"
927:What's New in Windows NT 4.0 Service Pack 4?
1744:Challenge-Handshake Authentication Protocol
1491:Online NTLM hash crack using Rainbow tables
4463:
3987:
2733:
2719:
2711:
2685:
2675:
2273:
2047:
1924:
1910:
1902:
1640:
1626:
1618:
1033:"Security Considerations for Implementers"
377:If the server is a member of a domain but
79:challenge–response authentication protocol
1559:Full NTLM security service provider with
1557:Jespa – Java Active Directory Integration
1509:A detailed analysis of the NTLM protocol.
337:Use of the NTLM Security Support Provider
1695:Simple Authentication and Security Layer
1008:"Rainbow Cracking and Password Security"
365:If the server is a device that supports
177:NTLMv2 sends two responses to an 8-byte
589:
128:The NTLM protocol also uses one of two
1587:NTLMv2 API and Servlet Filter for Java
209:or AD, and continue to hash in, using
4490:Microsoft Windows security technology
4340:Next-Generation Secure Computing Base
1567:EasySSO - NTML Authenticator for JIRA
1412:"How to make use of the DES KPA mode"
1329:A Case for Modern Rainbow Table Usage
874:
872:
683:Claburn, Thomas (February 14, 2019).
7:
1886:
1822:Password-authenticated key agreement
1563:(commercial but free up to 25 users)
1214:"MS08-068: Metasploit and SMB Relay"
678:
676:
550:also supports storing passwords via
3469:Distributed Transaction Coordinator
1701:Security Support Provider Interface
940:How to enable NTLM 2 authentication
733:"Message Syntax | section 2.2"
438:Send NTLMv2 response only\refuse LM
181:. Each response contains a 16-byte
3800:User Interface Privilege Isolation
1840:Remote Access Dial In User Service
1773:Extensible Authentication Protocol
1450:"NTLM authentication - MoodleDocs"
1230:Nail the Coffin Shut, NTLM is Dead
1134:"LAN Manager authentication level"
528:conventional NTLM authentication.
478:attack, which is a variant on the
355:, a protocol similar to Kerberos,
69:very easily with modern hardware.
25:
4500:Computer access control protocols
1264:Hernan Ochoa and Agustin Azubel.
574:Integrated Windows Authentication
360:small networks and home networks.
4462:
4452:
4451:
2695:
2694:
2684:
2674:
1885:
1876:
1875:
1846:Resource Access Control Facility
1828:Password Authentication Protocol
1733:Authentication and Key Agreement
1689:Pluggable Authentication Modules
1518:MSDN page on NTLM authentication
1006:Varughese, Sam (February 2006).
943:, Support, Microsoft, 2007-01-25
136:based one-way function (NTOWF).
3529:Remote Differential Compression
1852:Secure Remote Password protocol
1561:server-side NETLOGON validation
1537:– NTLM set-up instructions for
1529:NTLM Authorization Proxy Server
1227:Kurt Grutzmacher (2008-08-08).
653:"Reflecting on NTLM Reflection"
474:NTLM remains vulnerable to the
240:by a rogue server. For a fixed
36:NT (New Technology) LAN Manager
4385:Windows System Assessment Tool
1757:Central Authentication Service
1535:Installing NTLM authentication
1389:Heywood, Dustin (2023-10-11),
554:in the insecure NT-Hash form.
1:
1677:Generic Security Services API
1591:A ntlm message generator tool
1569:NTLM Authenticator utilising
859:(2.2.1.3 ed.), Microsoft
835:(2.2.1.2 ed.), Microsoft
811:(2.2.1.1 ed.), Microsoft
787:(3.1.5.2 ed.), Microsoft
763:(3.1.5.1 ed.), Microsoft
3674:Open XML Paper Specification
3534:Remote Installation Services
2742:Microsoft Windows components
1707:XCert Universal Database API
470:Weakness and vulnerabilities
414:Send LM & NTLM responses
284:Availability and use of NTLM
3826:Windows Subsystem for Linux
3785:Mandatory Integrity Control
3539:Windows Deployment Services
3336:Wireless Zero Configuration
2250:Preinstallation Environment
2225:Fundamentals for Legacy PCs
910:(3.3.1 ed.), Microsoft
886:(3.3.1 ed.), Microsoft
651:Takahashi, T (2009-12-17),
4516:
3928:Universal Windows Platform
3634:Kernel Transaction Manager
3619:Hardware Abstraction Layer
3316:Multimedia Class Scheduler
1279:Goodin, Dan (2012-12-10).
1166:. Microsoft. June 29, 2011
1010:. Palisade. Archived from
625:"Session Security Details"
4495:Computer network security
4447:
4380:Windows Services for UNIX
3765:Data Execution Prevention
3614:Graphics Device Interface
3504:Network Access Protection
3123:Remote Desktop Connection
2748:
2670:
2662:Windows Server Essentials
2647:Windows for Pen Computing
1939:
1871:
1739:CAVE-based authentication
432:Send NTLMv2 response only
52:Security Support Provider
3745:Security and Maintenance
3689:Security Account Manager
3283:Windows XP visual styles
1525:– a free implementation.
1160:"Windows Authentication"
964:"Security Configuration"
904:"NTLM v2 Authentication"
880:"NTLM v1 Authentication"
532:Compatibility with Linux
401:Use of protocol versions
294:cyclic redundancy checks
4330:Media Control Interface
4164:Help and Support Center
3780:Kernel Patch Protection
3544:System Resource Manager
3524:Remote Desktop Services
3519:Print Services for UNIX
3301:Service Control Manager
2911:Windows Error Reporting
2831:DirectX Diagnostic Tool
426:Send NTLM response only
4310:Desktop Cleanup Wizard
3886:COM Structured storage
3587:Desktop Window Manager
3479:Windows Media Services
1779:Host Identity Protocol
1304:hashcat (2019-02-13).
853:"AUTHENTICATE_MESSAGE"
334:
309:
169:NTLMv2, introduced in
3938:Windows Mixed Reality
3609:Enhanced Write Filter
3459:Roaming user profiles
757:"Connection-Oriented"
689:www.theregister.co.uk
496:pseudo-random numbers
329:
325:Windows Server domain
290:
264:in the table and get
54:, which combines the
4219:Mobile Device Center
4169:Health & Fitness
3967:Solitaire Collection
3795:User Account Control
3790:Protected Media Path
3694:Server Message Block
3644:Logical Disk Manager
2896:System Policy Editor
2881:System Configuration
1392:10 Nov, 2020 Updates
1253:. Blackhat USA 2010.
970:, TechNet, Microsoft
500:challenges/responses
488:cross-site scripting
4365:Virtual DOS machine
3709:System Idle Process
3684:Resource Protection
3592:Portable Executable
3484:Active DRM Services
2886:System File Checker
2856:Performance Monitor
2657:Microsoft PowerToys
2314:Embedded Automotive
1573:library to provide
829:"CHALLENGE_MESSAGE"
805:"NEGOTIATE_MESSAGE"
300:for integrity, and
260:, look up response
101:password equivalent
4370:Windows on Windows
4094:Backup and Restore
3906:Transaction Server
3624:I/O request packet
3464:Folder redirection
3133:Speech Recognition
2891:System Information
2846:Management Console
2613:Version comparison
2298:Embedded Compact 7
1665:BSD Authentication
1345:The Globe and Mail
1185:Jesper Johansson.
510:in under 6 hours.
4477:
4476:
4403:
4402:
4360:Video for Windows
4315:Games for Windows
4184:Internet Explorer
3278:Windows Spotlight
2921:Windows Installer
2708:
2707:
2550:Removed features
2327:
2326:
2319:Embedded Industry
2255:MultiPoint Server
2238:
2237:
1933:Microsoft Windows
1899:
1898:
1612:NTLMv1 Multi Tool
480:reflection attack
316:Kerberos protocol
238:dictionary attack
130:one-way functions
16:(Redirected from
4507:
4466:
4465:
4455:
4454:
4375:Windows SideShow
4154:Food & Drink
4048:Spider Solitaire
3988:
3881:ActiveX Document
3849:Active Scripting
3805:Windows Firewall
3760:Credential Guard
3439:Active Directory
3236:Indexing Service
2866:Resource Monitor
2861:Recovery Console
2735:
2728:
2721:
2712:
2698:
2697:
2688:
2687:
2680:List of versions
2678:
2677:
2274:
2180:Home Server 2011
2048:
1926:
1919:
1912:
1903:
1889:
1888:
1879:
1878:
1642:
1635:
1628:
1619:
1479:
1478:
1476:
1474:
1468:Mail-archive.com
1460:
1454:
1453:
1446:
1440:
1439:
1432:
1426:
1425:
1423:
1422:
1408:
1402:
1401:
1400:
1399:
1386:
1380:
1379:
1377:
1376:
1362:
1356:
1355:
1353:
1352:
1337:
1331:
1326:
1320:
1319:
1317:
1316:
1301:
1295:
1294:
1292:
1291:
1276:
1270:
1269:
1261:
1255:
1254:
1252:
1241:
1235:
1234:
1224:
1218:
1217:
1209:
1203:
1202:
1200:
1198:
1191:TechNet Magazine
1182:
1176:
1175:
1173:
1171:
1156:
1150:
1149:
1147:
1145:
1130:
1124:
1123:
1121:
1119:
1104:
1098:
1097:
1095:
1093:
1082:"Microsoft NTLM"
1078:
1072:
1071:
1069:
1068:
1059:. Archived from
1053:
1047:
1046:
1045:
1044:
1029:
1023:
1022:
1020:
1019:
1003:
997:
996:
984:
978:
977:
976:
975:
960:
951:
950:
949:
948:
935:
929:
924:
918:
917:
916:
915:
900:
894:
893:
892:
891:
876:
867:
866:
865:
864:
849:
843:
842:
841:
840:
825:
819:
818:
817:
816:
801:
795:
794:
793:
792:
781:"Connectionless"
777:
771:
770:
769:
768:
753:
747:
746:
745:
744:
729:
723:
722:
721:
720:
709:"Microsoft NTLM"
705:
699:
698:
696:
695:
680:
671:
670:
669:
668:
648:
639:
638:
637:
636:
621:
615:
614:
613:
612:
597:
381:cannot be used.
304:for encryption.
191:client challenge
179:server challenge
42:) is a suite of
21:
4515:
4514:
4510:
4509:
4508:
4506:
4505:
4504:
4480:
4479:
4478:
4473:
4443:
4411:Microsoft Store
4409:
4399:
4345:POSIX subsystem
4325:File Protection
4298:
4269:Program Manager
4254:Phone Companion
4244:Outlook Express
4194:Make Compatible
4124:Desktop Gadgets
4084:Anytime Upgrade
4067:
3979:
3952:
3943:Windows Runtime
3835:
3809:
3775:Family features
3733:
3558:
3514:DFS Replication
3425:
3340:
3331:Error Reporting
3287:
3187:
3063:Mobility Center
3058:Movies & TV
2952:
2936:Windows Insider
2826:Driver Verifier
2821:Drive Optimizer
2788:
2782:
2773:Booting process
2744:
2739:
2709:
2704:
2666:
2652:Microsoft Plus!
2586:Version history
2449:
2408:
2375:
2323:
2302:
2293:Embedded CE 6.0
2279:
2268:
2266:
2259:
2234:
2217:
2211:
2168:HPC Server 2008
2137:
2130:
2052:
2037:
2009:
1970:
1935:
1930:
1900:
1895:
1867:
1719:
1712:
1671:eAuthentication
1657:
1651:
1646:
1487:
1482:
1472:
1470:
1462:
1461:
1457:
1448:
1447:
1443:
1434:
1433:
1429:
1420:
1418:
1410:
1409:
1405:
1397:
1395:
1388:
1387:
1383:
1374:
1372:
1364:
1363:
1359:
1350:
1348:
1339:
1338:
1334:
1327:
1323:
1314:
1312:
1303:
1302:
1298:
1289:
1287:
1278:
1277:
1273:
1263:
1262:
1258:
1250:
1243:
1242:
1238:
1226:
1225:
1221:
1211:
1210:
1206:
1196:
1194:
1184:
1183:
1179:
1169:
1167:
1164:TechNet Library
1158:
1157:
1153:
1143:
1141:
1132:
1131:
1127:
1117:
1115:
1112:TechNet Library
1106:
1105:
1101:
1091:
1089:
1086:TechNet Library
1080:
1079:
1075:
1066:
1064:
1055:
1054:
1050:
1042:
1040:
1031:
1030:
1026:
1017:
1015:
1005:
1004:
1000:
986:
985:
981:
973:
971:
962:
961:
954:
946:
944:
937:
936:
932:
925:
921:
913:
911:
902:
901:
897:
889:
887:
878:
877:
870:
862:
860:
851:
850:
846:
838:
836:
827:
826:
822:
814:
812:
803:
802:
798:
790:
788:
779:
778:
774:
766:
764:
755:
754:
750:
742:
740:
731:
730:
726:
718:
716:
707:
706:
702:
693:
691:
682:
681:
674:
666:
664:
657:FrequencyX Blog
650:
649:
642:
634:
632:
623:
622:
618:
610:
608:
599:
598:
591:
587:
560:
534:
472:
403:
339:
286:
281:
227:
222:
174:to the client.
167:
160:
144:
75:
28:
23:
22:
15:
12:
11:
5:
4513:
4511:
4503:
4502:
4497:
4492:
4482:
4481:
4475:
4474:
4472:
4471:
4460:
4448:
4445:
4444:
4442:
4441:
4436:
4431:
4426:
4421:
4415:
4413:
4405:
4404:
4401:
4400:
4398:
4397:
4392:
4387:
4382:
4377:
4372:
4367:
4362:
4357:
4352:
4347:
4342:
4337:
4332:
4327:
4322:
4317:
4312:
4306:
4304:
4300:
4299:
4297:
4296:
4291:
4286:
4281:
4276:
4274:Steps Recorder
4271:
4266:
4261:
4256:
4251:
4246:
4241:
4236:
4231:
4226:
4221:
4216:
4211:
4206:
4201:
4196:
4191:
4186:
4181:
4176:
4171:
4166:
4161:
4156:
4151:
4146:
4141:
4136:
4131:
4126:
4121:
4116:
4111:
4106:
4101:
4096:
4091:
4086:
4081:
4075:
4073:
4069:
4068:
4066:
4065:
4058:
4051:
4044:
4037:
4030:
4023:
4016:
4009:
4002:
3994:
3992:
3985:
3981:
3980:
3978:
3977:
3970:
3962:
3960:
3954:
3953:
3951:
3950:
3945:
3940:
3935:
3930:
3925:
3920:
3915:
3910:
3909:
3908:
3903:
3901:OLE Automation
3898:
3893:
3888:
3883:
3878:
3868:
3867:
3866:
3861:
3856:
3845:
3843:
3837:
3836:
3834:
3833:
3828:
3823:
3817:
3815:
3811:
3810:
3808:
3807:
3802:
3797:
3792:
3787:
3782:
3777:
3772:
3767:
3762:
3757:
3752:
3747:
3741:
3739:
3735:
3734:
3732:
3731:
3726:
3721:
3716:
3711:
3706:
3701:
3696:
3691:
3686:
3681:
3676:
3671:
3669:Object Manager
3666:
3661:
3656:
3651:
3646:
3641:
3636:
3631:
3629:Imaging Format
3626:
3621:
3616:
3611:
3606:
3605:
3604:
3599:
3589:
3584:
3579:
3574:
3568:
3566:
3560:
3559:
3557:
3556:
3551:
3546:
3541:
3536:
3531:
3526:
3521:
3516:
3511:
3506:
3501:
3496:
3491:
3486:
3481:
3476:
3471:
3466:
3461:
3456:
3451:
3446:
3441:
3435:
3433:
3427:
3426:
3424:
3423:
3418:
3413:
3412:
3411:
3406:
3401:
3396:
3391:
3386:
3376:
3371:
3366:
3361:
3356:
3350:
3348:
3342:
3341:
3339:
3338:
3333:
3328:
3326:Task Scheduler
3323:
3318:
3313:
3308:
3303:
3297:
3295:
3289:
3288:
3286:
3285:
3280:
3275:
3270:
3265:
3260:
3259:
3258:
3256:Special folder
3253:
3248:
3243:
3238:
3228:
3223:
3218:
3213:
3208:
3203:
3197:
3195:
3189:
3188:
3186:
3185:
3180:
3175:
3170:
3168:Voice Recorder
3165:
3160:
3155:
3150:
3145:
3140:
3135:
3130:
3125:
3120:
3115:
3110:
3105:
3100:
3095:
3090:
3085:
3080:
3075:
3070:
3065:
3060:
3055:
3054:
3053:
3043:
3038:
3033:
3028:
3023:
3018:
3013:
3008:
3003:
2998:
2993:
2988:
2983:
2978:
2973:
2968:
2962:
2960:
2954:
2953:
2951:
2950:
2945:
2940:
2939:
2938:
2931:Windows Update
2928:
2923:
2918:
2913:
2908:
2903:
2901:System Restore
2898:
2893:
2888:
2883:
2878:
2873:
2868:
2863:
2858:
2853:
2848:
2843:
2838:
2833:
2828:
2823:
2818:
2813:
2811:Device Manager
2808:
2803:
2801:Command Prompt
2798:
2792:
2790:
2784:
2783:
2781:
2780:
2775:
2770:
2769:
2768:
2763:
2755:
2749:
2746:
2745:
2740:
2738:
2737:
2730:
2723:
2715:
2706:
2705:
2703:
2702:
2692:
2682:
2671:
2668:
2667:
2665:
2664:
2659:
2654:
2649:
2644:
2643:
2642:
2637:
2632:
2622:
2621:
2620:
2610:
2609:
2608:
2603:
2598:
2593:
2583:
2582:
2581:
2576:
2571:
2566:
2561:
2556:
2548:
2547:
2546:
2541:
2536:
2531:
2526:
2521:
2513:
2512:
2511:
2506:
2501:
2496:
2491:
2486:
2478:
2477:
2476:
2471:
2466:
2457:
2455:
2451:
2450:
2448:
2447:
2442:
2437:
2432:
2427:
2422:
2416:
2414:
2410:
2409:
2407:
2406:
2401:
2396:
2391:
2385:
2383:
2377:
2376:
2374:
2373:
2368:
2363:
2358:
2353:
2348:
2346:Pocket PC 2002
2343:
2341:Pocket PC 2000
2337:
2335:
2333:Windows Mobile
2329:
2328:
2325:
2324:
2322:
2321:
2316:
2310:
2308:
2304:
2303:
2301:
2300:
2295:
2290:
2284:
2282:
2271:
2261:
2260:
2258:
2257:
2252:
2246:
2244:
2240:
2239:
2236:
2235:
2233:
2232:
2227:
2221:
2219:
2213:
2212:
2210:
2209:
2204:
2199:
2194:
2192:Server 2012 R2
2189:
2184:
2183:
2182:
2175:Server 2008 R2
2172:
2171:
2170:
2165:
2155:
2154:
2153:
2142:
2140:
2132:
2131:
2129:
2128:
2123:
2118:
2109:
2104:
2099:
2098:
2097:
2092:
2082:
2077:
2072:
2067:
2062:
2056:
2054:
2045:
2039:
2038:
2036:
2035:
2030:
2025:
2019:
2017:
2011:
2010:
2008:
2007:
2002:
1997:
1992:
1987:
1981:
1979:
1972:
1971:
1969:
1968:
1963:
1962:
1961:
1956:
1946:
1940:
1937:
1936:
1931:
1929:
1928:
1921:
1914:
1906:
1897:
1896:
1894:
1893:
1883:
1872:
1869:
1868:
1866:
1865:
1860:
1855:
1849:
1843:
1837:
1831:
1825:
1819:
1816:OpenID Connect
1813:
1808:
1803:
1800:NT LAN Manager
1797:
1792:
1787:
1782:
1776:
1770:
1765:
1760:
1754:
1753:
1752:
1741:
1736:
1730:
1724:
1722:
1718:Authentication
1714:
1713:
1711:
1710:
1704:
1698:
1692:
1686:
1680:
1674:
1668:
1661:
1659:
1656:Authentication
1653:
1652:
1649:Authentication
1647:
1645:
1644:
1637:
1630:
1622:
1616:
1615:
1609:
1606:Px for Windows
1603:
1598:
1593:
1588:
1582:
1564:
1554:
1549:
1532:
1526:
1520:
1515:
1510:
1504:
1498:
1493:
1486:
1485:External links
1483:
1481:
1480:
1455:
1441:
1427:
1403:
1381:
1357:
1332:
1321:
1296:
1271:
1256:
1236:
1219:
1204:
1177:
1151:
1125:
1099:
1073:
1048:
1024:
998:
995:, Source forge
979:
952:
930:
919:
895:
868:
844:
820:
796:
772:
748:
724:
700:
672:
640:
616:
601:"Introduction"
588:
586:
583:
582:
581:
576:
571:
566:
559:
556:
533:
530:
515:Rainbow tables
471:
468:
448:
447:
441:
435:
429:
423:
417:
402:
399:
398:
397:
396:
395:
392:
389:
375:
363:
362:
361:
349:
338:
335:
285:
282:
278:
270:rainbow tables
226:
223:
219:
171:Windows NT 4.0
166:
163:
158:
143:
140:
93:
92:
89:
86:
74:
71:
26:
24:
18:NT LAN Manager
14:
13:
10:
9:
6:
4:
3:
2:
4512:
4501:
4498:
4496:
4493:
4491:
4488:
4487:
4485:
4470:
4461:
4459:
4450:
4449:
4446:
4440:
4437:
4435:
4432:
4430:
4427:
4425:
4422:
4420:
4417:
4416:
4414:
4412:
4406:
4396:
4393:
4391:
4390:Windows To Go
4388:
4386:
4383:
4381:
4378:
4376:
4373:
4371:
4368:
4366:
4363:
4361:
4358:
4356:
4353:
4351:
4348:
4346:
4343:
4341:
4338:
4336:
4333:
4331:
4328:
4326:
4323:
4321:
4318:
4316:
4313:
4311:
4308:
4307:
4305:
4301:
4295:
4292:
4290:
4287:
4285:
4282:
4280:
4277:
4275:
4272:
4270:
4267:
4265:
4262:
4260:
4259:Photo Gallery
4257:
4255:
4252:
4250:
4247:
4245:
4242:
4240:
4237:
4235:
4232:
4230:
4227:
4225:
4222:
4220:
4217:
4215:
4212:
4210:
4207:
4205:
4204:Meeting Space
4202:
4200:
4197:
4195:
4192:
4190:
4187:
4185:
4182:
4180:
4177:
4175:
4174:HyperTerminal
4172:
4170:
4167:
4165:
4162:
4160:
4157:
4155:
4152:
4150:
4147:
4145:
4144:Easy Transfer
4142:
4140:
4137:
4135:
4132:
4130:
4127:
4125:
4122:
4120:
4117:
4115:
4112:
4110:
4107:
4105:
4102:
4100:
4097:
4095:
4092:
4090:
4087:
4085:
4082:
4080:
4077:
4076:
4074:
4070:
4064:
4063:
4059:
4057:
4056:
4052:
4050:
4049:
4045:
4043:
4042:
4038:
4036:
4035:
4031:
4029:
4028:
4024:
4022:
4021:
4017:
4015:
4014:
4010:
4008:
4007:
4003:
4001:
4000:
3996:
3995:
3993:
3989:
3986:
3982:
3976:
3975:
3971:
3969:
3968:
3964:
3963:
3961:
3959:
3955:
3949:
3946:
3944:
3941:
3939:
3936:
3934:
3931:
3929:
3926:
3924:
3921:
3919:
3916:
3914:
3911:
3907:
3904:
3902:
3899:
3897:
3894:
3892:
3889:
3887:
3884:
3882:
3879:
3877:
3874:
3873:
3872:
3869:
3865:
3862:
3860:
3857:
3855:
3852:
3851:
3850:
3847:
3846:
3844:
3842:
3838:
3832:
3829:
3827:
3824:
3822:
3819:
3818:
3816:
3814:Compatibility
3812:
3806:
3803:
3801:
3798:
3796:
3793:
3791:
3788:
3786:
3783:
3781:
3778:
3776:
3773:
3771:
3768:
3766:
3763:
3761:
3758:
3756:
3753:
3751:
3748:
3746:
3743:
3742:
3740:
3736:
3730:
3727:
3725:
3722:
3720:
3717:
3715:
3712:
3710:
3707:
3705:
3702:
3700:
3697:
3695:
3692:
3690:
3687:
3685:
3682:
3680:
3677:
3675:
3672:
3670:
3667:
3665:
3662:
3660:
3657:
3655:
3652:
3650:
3647:
3645:
3642:
3640:
3639:Library files
3637:
3635:
3632:
3630:
3627:
3625:
3622:
3620:
3617:
3615:
3612:
3610:
3607:
3603:
3600:
3598:
3595:
3594:
3593:
3590:
3588:
3585:
3583:
3580:
3578:
3575:
3573:
3570:
3569:
3567:
3565:
3561:
3555:
3552:
3550:
3547:
3545:
3542:
3540:
3537:
3535:
3532:
3530:
3527:
3525:
3522:
3520:
3517:
3515:
3512:
3510:
3507:
3505:
3502:
3500:
3497:
3495:
3492:
3490:
3487:
3485:
3482:
3480:
3477:
3475:
3472:
3470:
3467:
3465:
3462:
3460:
3457:
3455:
3452:
3450:
3447:
3445:
3442:
3440:
3437:
3436:
3434:
3432:
3428:
3422:
3419:
3417:
3414:
3410:
3407:
3405:
3402:
3400:
3399:Reparse point
3397:
3395:
3392:
3390:
3387:
3385:
3382:
3381:
3380:
3377:
3375:
3372:
3370:
3367:
3365:
3362:
3360:
3357:
3355:
3352:
3351:
3349:
3347:
3343:
3337:
3334:
3332:
3329:
3327:
3324:
3322:
3319:
3317:
3314:
3312:
3309:
3307:
3304:
3302:
3299:
3298:
3296:
3294:
3290:
3284:
3281:
3279:
3276:
3274:
3271:
3269:
3266:
3264:
3261:
3257:
3254:
3252:
3249:
3247:
3244:
3242:
3239:
3237:
3234:
3233:
3232:
3229:
3227:
3224:
3222:
3219:
3217:
3214:
3212:
3209:
3207:
3204:
3202:
3201:Action Center
3199:
3198:
3196:
3194:
3190:
3184:
3181:
3179:
3176:
3174:
3171:
3169:
3166:
3164:
3161:
3159:
3156:
3154:
3151:
3149:
3146:
3144:
3141:
3139:
3136:
3134:
3131:
3129:
3128:Snipping Tool
3126:
3124:
3121:
3119:
3116:
3114:
3111:
3109:
3106:
3104:
3101:
3099:
3096:
3094:
3091:
3089:
3086:
3084:
3081:
3079:
3076:
3074:
3071:
3069:
3066:
3064:
3061:
3059:
3056:
3052:
3049:
3048:
3047:
3044:
3042:
3039:
3037:
3034:
3032:
3029:
3027:
3024:
3022:
3019:
3017:
3014:
3012:
3009:
3007:
3004:
3002:
2999:
2997:
2994:
2992:
2989:
2987:
2986:Character Map
2984:
2982:
2979:
2977:
2974:
2972:
2969:
2967:
2964:
2963:
2961:
2959:
2955:
2949:
2946:
2944:
2941:
2937:
2934:
2933:
2932:
2929:
2927:
2924:
2922:
2919:
2917:
2914:
2912:
2909:
2907:
2904:
2902:
2899:
2897:
2894:
2892:
2889:
2887:
2884:
2882:
2879:
2877:
2874:
2872:
2869:
2867:
2864:
2862:
2859:
2857:
2854:
2852:
2849:
2847:
2844:
2842:
2839:
2837:
2834:
2832:
2829:
2827:
2824:
2822:
2819:
2817:
2814:
2812:
2809:
2807:
2806:Control Panel
2804:
2802:
2799:
2797:
2796:App Installer
2794:
2793:
2791:
2785:
2779:
2776:
2774:
2771:
2767:
2764:
2762:
2759:
2758:
2757:Architecture
2756:
2754:
2751:
2750:
2747:
2743:
2736:
2731:
2729:
2724:
2722:
2717:
2716:
2713:
2701:
2693:
2691:
2683:
2681:
2673:
2672:
2669:
2663:
2660:
2658:
2655:
2653:
2650:
2648:
2645:
2641:
2638:
2636:
2633:
2631:
2628:
2627:
2626:
2623:
2619:
2616:
2615:
2614:
2611:
2607:
2604:
2602:
2599:
2597:
2594:
2592:
2589:
2588:
2587:
2584:
2580:
2577:
2575:
2572:
2570:
2567:
2565:
2562:
2560:
2557:
2555:
2552:
2551:
2549:
2545:
2542:
2540:
2537:
2535:
2532:
2530:
2527:
2525:
2522:
2520:
2517:
2516:
2515:New features
2514:
2510:
2507:
2505:
2502:
2500:
2497:
2495:
2492:
2490:
2487:
2485:
2482:
2481:
2479:
2475:
2472:
2470:
2467:
2465:
2462:
2461:
2459:
2458:
2456:
2452:
2446:
2443:
2441:
2438:
2436:
2433:
2431:
2428:
2426:
2423:
2421:
2418:
2417:
2415:
2411:
2405:
2402:
2400:
2397:
2395:
2392:
2390:
2387:
2386:
2384:
2382:
2381:Windows Phone
2378:
2372:
2369:
2367:
2364:
2362:
2359:
2357:
2354:
2352:
2349:
2347:
2344:
2342:
2339:
2338:
2336:
2334:
2330:
2320:
2317:
2315:
2312:
2311:
2309:
2305:
2299:
2296:
2294:
2291:
2289:
2286:
2285:
2283:
2281:
2275:
2272:
2270:
2262:
2256:
2253:
2251:
2248:
2247:
2245:
2241:
2231:
2228:
2226:
2223:
2222:
2220:
2214:
2208:
2205:
2203:
2200:
2198:
2195:
2193:
2190:
2188:
2185:
2181:
2178:
2177:
2176:
2173:
2169:
2166:
2164:
2161:
2160:
2159:
2156:
2152:
2149:
2148:
2147:
2144:
2143:
2141:
2139:
2133:
2127:
2124:
2122:
2119:
2117:
2113:
2110:
2108:
2105:
2103:
2100:
2096:
2093:
2091:
2088:
2087:
2086:
2083:
2081:
2078:
2076:
2073:
2071:
2068:
2066:
2063:
2061:
2058:
2057:
2055:
2049:
2046:
2044:
2040:
2034:
2031:
2029:
2026:
2024:
2021:
2020:
2018:
2016:
2012:
2006:
2003:
2001:
1998:
1996:
1993:
1991:
1988:
1986:
1983:
1982:
1980:
1977:
1973:
1967:
1964:
1960:
1957:
1955:
1952:
1951:
1950:
1947:
1945:
1942:
1941:
1938:
1934:
1927:
1922:
1920:
1915:
1913:
1908:
1907:
1904:
1892:
1884:
1882:
1874:
1873:
1870:
1864:
1861:
1859:
1856:
1853:
1850:
1847:
1844:
1841:
1838:
1835:
1832:
1829:
1826:
1823:
1820:
1817:
1814:
1812:
1809:
1807:
1804:
1801:
1798:
1796:
1793:
1791:
1788:
1786:
1783:
1780:
1777:
1774:
1771:
1769:
1766:
1764:
1761:
1758:
1755:
1751:
1748:
1747:
1745:
1742:
1740:
1737:
1734:
1731:
1729:
1726:
1725:
1723:
1721:
1715:
1708:
1705:
1702:
1699:
1696:
1693:
1690:
1687:
1684:
1681:
1678:
1675:
1672:
1669:
1666:
1663:
1662:
1660:
1654:
1650:
1643:
1638:
1636:
1631:
1629:
1624:
1623:
1620:
1613:
1610:
1607:
1604:
1602:
1599:
1597:
1594:
1592:
1589:
1586:
1583:
1580:
1576:
1572:
1568:
1565:
1562:
1558:
1555:
1553:
1550:
1548:
1544:
1540:
1536:
1533:
1530:
1527:
1524:
1521:
1519:
1516:
1514:
1511:
1508:
1505:
1502:
1499:
1497:
1494:
1492:
1489:
1488:
1484:
1469:
1465:
1459:
1456:
1451:
1445:
1442:
1437:
1431:
1428:
1417:
1413:
1407:
1404:
1394:
1393:
1385:
1382:
1371:
1367:
1361:
1358:
1346:
1342:
1336:
1333:
1330:
1325:
1322:
1311:
1307:
1300:
1297:
1286:
1282:
1275:
1272:
1267:
1260:
1257:
1249:
1248:
1240:
1237:
1232:
1231:
1223:
1220:
1215:
1208:
1205:
1192:
1188:
1181:
1178:
1165:
1161:
1155:
1152:
1139:
1135:
1129:
1126:
1113:
1109:
1103:
1100:
1087:
1083:
1077:
1074:
1063:on 2014-10-06
1062:
1058:
1052:
1049:
1038:
1034:
1028:
1025:
1014:on 2010-06-01
1013:
1009:
1002:
999:
994:
990:
987:Glass, Eric,
983:
980:
969:
965:
959:
957:
953:
942:
941:
934:
931:
928:
923:
920:
909:
905:
899:
896:
885:
881:
875:
873:
869:
858:
854:
848:
845:
834:
830:
824:
821:
810:
806:
800:
797:
786:
782:
776:
773:
762:
758:
752:
749:
738:
734:
728:
725:
714:
710:
704:
701:
690:
686:
679:
677:
673:
663:on 2009-12-31
662:
658:
654:
647:
645:
641:
630:
626:
620:
617:
606:
602:
596:
594:
590:
584:
580:
577:
575:
572:
570:
567:
565:
562:
561:
557:
555:
553:
549:
545:
543:
539:
531:
529:
525:
523:
518:
516:
511:
509:
504:
501:
497:
491:
489:
485:
481:
477:
476:pass the hash
469:
467:
465:
464:Windows Vista
459:
455:
452:
445:
442:
439:
436:
433:
430:
427:
424:
421:
418:
415:
412:
411:
410:
408:
400:
393:
390:
387:
383:
382:
380:
376:
372:
368:
364:
358:
354:
350:
347:
346:
344:
343:
342:
336:
333:
328:
326:
322:
317:
312:
308:
305:
303:
299:
295:
289:
283:
277:
273:
271:
267:
263:
259:
255:
251:
247:
243:
239:
234:
230:
225:NTLM2 Session
224:
218:
216:
212:
208:
202:
199:
194:
192:
188:
184:
180:
175:
172:
164:
162:
157:
154:
148:
141:
139:
137:
135:
131:
126:
124:
121:
118:
117:little endian
114:
110:
106:
102:
98:
90:
87:
84:
83:
82:
80:
72:
70:
68:
63:
61:
57:
53:
49:
45:
41:
37:
33:
19:
4424:File Manager
4264:Photo Viewer
4199:Media Center
4159:Groove Music
4089:Address Book
4060:
4053:
4046:
4041:Purble Place
4039:
4032:
4025:
4018:
4011:
4006:Chess Titans
4004:
3997:
3984:Discontinued
3972:
3965:
3664:Ntoskrnl.exe
3572:Boot Manager
3564:Architecture
3454:Group Policy
3346:File systems
3246:Saved search
3153:Sticky Notes
3118:Quick Assist
3046:Media Player
3016:Feedback Hub
3011:Fax and Scan
2906:Task Manager
2836:Event Viewer
2816:Disk Cleanup
2618:Vista and XP
2460:Development
2095:Media Center
1560:
1471:. Retrieved
1467:
1458:
1444:
1430:
1419:. Retrieved
1415:
1406:
1396:, retrieved
1391:
1384:
1373:. Retrieved
1370:IBM Newsroom
1369:
1360:
1349:. Retrieved
1347:. 2019-12-09
1344:
1335:
1324:
1313:. Retrieved
1309:
1299:
1288:. Retrieved
1285:Ars Technica
1274:
1259:
1246:
1239:
1233:. Defcon 16.
1229:
1222:
1207:
1195:. Retrieved
1190:
1180:
1168:. Retrieved
1163:
1154:
1142:. Retrieved
1138:MSDN Library
1137:
1128:
1116:. Retrieved
1111:
1102:
1090:. Retrieved
1085:
1076:
1065:. Retrieved
1061:the original
1051:
1041:, retrieved
1036:
1027:
1016:. Retrieved
1012:the original
1001:
992:
982:
972:, retrieved
967:
945:, retrieved
939:
933:
922:
912:, retrieved
907:
898:
888:, retrieved
883:
861:, retrieved
856:
847:
837:, retrieved
832:
823:
813:, retrieved
808:
799:
789:, retrieved
784:
775:
765:, retrieved
760:
751:
741:, retrieved
736:
727:
717:, retrieved
712:
703:
692:. Retrieved
688:
665:, retrieved
661:the original
656:
633:, retrieved
628:
619:
609:, retrieved
604:
546:
535:
526:
519:
512:
505:
492:
473:
460:
456:
453:
449:
443:
437:
431:
425:
419:
413:
407:Group Policy
404:
340:
330:
313:
310:
306:
291:
287:
276:challenges.
274:
265:
261:
257:
253:
249:
245:
241:
235:
231:
228:
203:
195:
190:
178:
176:
168:
161:
149:
145:
138:
127:
100:
94:
76:
67:brute-forced
64:
60:Group Policy
39:
35:
29:
4439:Minesweeper
4408:Spun off to
4229:MSN Dial-up
4224:Movie Maker
4129:Diagnostics
4079:ActiveMovie
3821:COMMAND.COM
3699:Shadow Copy
3554:Server Core
3394:Mount Point
3321:Shadow Copy
2916:Windows Ink
2351:Mobile 2003
2269:Windows IoT
2267:Embedded /
2243:Specialized
2207:Server 2022
2202:Server 2019
2197:Server 2016
2187:Server 2012
2158:Server 2008
2151:Home Server
2146:Server 2003
1795:LAN Manager
1585:ntlmv2-auth
1416:hashcat.net
1193:. Microsoft
1140:. Microsoft
1114:. Microsoft
1088:. Microsoft
1039:, Microsoft
739:, Microsoft
715:, Microsoft
631:, Microsoft
607:, Microsoft
564:LAN Manager
56:LAN Manager
48:LAN Manager
4484:Categories
4419:DVD Player
4234:NetMeeting
4134:DriveSpace
3999:3D Pinball
3499:SharePoint
3263:Start menu
3108:Phone Link
2971:Calculator
2926:PowerShell
2787:Management
2690:Comparison
2371:Mobile 6.5
2366:Mobile 6.1
2361:Mobile 6.0
2356:Mobile 5.0
2043:Windows NT
2015:Windows 9x
1959:Comparison
1944:Components
1667:(BSD Auth)
1473:2 December
1421:2023-10-12
1398:2023-10-12
1375:2023-10-12
1351:2023-10-12
1315:2019-02-26
1290:2020-11-23
1212:HD Moore.
1197:2 November
1170:2 November
1144:2 November
1118:2 November
1092:2 November
1067:2014-10-05
1043:2010-08-16
1018:2010-08-14
974:2010-08-14
947:2010-08-14
914:2010-08-15
890:2010-08-15
863:2010-08-15
839:2010-08-15
815:2010-08-15
791:2010-08-15
767:2010-08-15
743:2010-08-15
719:2010-08-15
694:2020-11-26
667:2010-08-14
635:2010-08-15
611:2010-08-15
585:References
484:Metasploit
386:IP address
254:Y=DES_K(X)
252:such that
248:has value
77:NTLM is a
4214:Messenger
4209:Messaging
4139:DVD Maker
4109:CD Player
4104:CardSpace
4055:Solitaire
3755:BitLocker
3750:AppLocker
3384:Hard link
3273:Task View
3251:Namespace
3221:ClearType
3041:Messaging
3026:Magnifier
2991:Clipchamp
2966:3D Viewer
2625:Criticism
2601:10 Mobile
2480:Editions
2425:Nashville
2413:Cancelled
2404:10 Mobile
2399:Phone 8.1
2278:Embedded
1966:Criticism
1824:protocols
1785:IndieAuth
1720:protocols
1581:products.
1579:Atlassian
993:Davenport
552:Crypt (C)
540:(part of
353:HomeGroup
296:(CRC) or
44:Microsoft
34:network,
4458:Category
4335:MS-DOS 7
4320:ScanDisk
4239:NTBackup
4119:Contacts
4099:Cardfile
4034:Hold 'Em
4013:FreeCell
3859:VBScript
3770:Defender
3738:Security
3724:Winlogon
3679:Registry
3293:Services
3226:Explorer
3211:AutoPlay
3098:Paint 3D
3083:OneDrive
3073:Narrator
3021:Get Help
2976:Calendar
2871:Settings
2841:IExpress
2700:Category
2265:Windows
2218:releases
2163:EBS 2008
2136:Windows
2053:releases
1949:Versions
1881:Category
1842:(RADIUS)
1790:Kerberos
1768:Diameter
1763:CRAM-MD5
1679:(GSSAPI)
1310:@hashcat
579:Kerberos
558:See also
494:predict
379:Kerberos
321:Kerberos
73:Protocol
4434:Mahjong
4355:Interix
4289:WinHelp
4189:Journal
4179:Imaging
4027:InkBall
3913:DirectX
3876:ActiveX
3864:JScript
3577:Console
3549:Hyper-V
3444:Domains
3268:Taskbar
3241:IFilter
3216:AutoRun
3178:WordPad
3173:Weather
3088:OneNote
3078:Notepad
3001:Cortana
2876:Sysprep
2454:Related
2440:Polaris
2435:Odyssey
2430:Neptune
2394:Phone 8
2389:Phone 7
2280:Compact
2090:Pro x64
2070:NT 3.51
1954:History
1891:Commons
1863:Woo–Lam
1750:MS-CHAP
1746:(CHAP)
1673:(eAuth)
1543:Midgard
1523:Libntlm
569:NTLMSSP
548:FreeBSD
538:winbind
522:hashcat
508:cracked
374:device.
198:NT Time
123:Unicode
115:of the
105:LM hash
97:salting
32:Windows
4467:
4456:
4429:Hover!
4303:Others
4284:Travel
4279:Syskey
4062:Tinker
4020:Hearts
3948:WinUSB
3933:WinAPI
3918:Native
3729:WinUSB
3654:MinWin
3431:Server
3231:Search
3143:Sports
3113:Photos
3103:People
2981:Camera
2288:CE 5.0
2216:Other
2138:Server
2075:NT 4.0
2065:NT 3.5
2060:NT 3.1
1978:-based
1858:TACACS
1848:(RACF)
1836:(PEAP)
1818:(OIDC)
1811:OpenID
1802:(NTLM)
1709:(XUDA)
1703:(SSPI)
1697:(SASL)
1685:(JAAS)
989:"NTLM"
165:NTLMv2
142:NTLMv1
120:UTF-16
4395:WinFS
4294:Write
3991:Games
3958:Games
3831:WoW64
3659:NTLDR
3649:LSASS
3582:CSRSS
3389:links
3364:exFAT
3193:Shell
3158:Store
3148:Start
3138:Skype
3093:Paint
3068:Money
2996:Clock
2943:WinRE
2851:Netsh
2789:tools
2778:Games
2635:Vista
2591:Phone
2559:Vista
2524:Vista
2489:Vista
2474:Vista
2420:Cairo
2307:Other
2102:Vista
2051:Base
1854:(SRP)
1830:(PAP)
1806:OAuth
1781:(HIP)
1775:(EAP)
1759:(CAS)
1735:(AKA)
1691:(PAM)
1571:Jespa
1547:Linux
1539:Samba
1251:(PDF)
542:Samba
371:Samba
30:In a
4469:List
4350:HPFS
4114:Chat
4072:Apps
3974:Surf
3923:.NET
3891:DCOM
3719:WHEA
3714:USER
3704:SMSS
3494:WSUS
3474:MSMQ
3416:ReFS
3379:NTFS
3354:CDFS
3311:CLFS
3306:BITS
3206:Aero
3183:Xbox
3163:Tips
3051:2022
3036:Maps
3031:Mail
3006:Edge
2958:Apps
2753:APIs
2080:2000
1728:ACF2
1658:APIs
1577:for
1541:and
1475:2018
1199:2015
1172:2015
1146:2015
1120:2015
1094:2015
713:MSDN
498:and
211:HMAC
183:HMAC
99:are
40:NTLM
4249:Pay
4149:Fax
3896:OLE
3871:COM
3854:WSH
3841:API
3602:DLL
3597:EXE
3509:PWS
3489:IIS
3449:DNS
3421:UDF
3409:EFS
3404:TxF
3374:FAT
3369:IFS
3359:DFS
2948:WMI
2445:10X
2116:8.1
2005:3.1
2000:3.0
1995:2.1
1990:2.0
1985:1.0
1976:DOS
1575:IWA
1545:on
367:SMB
302:RC4
298:MD5
215:MD5
207:SAM
187:MD5
153:DES
134:MD4
113:MD4
109:DES
107:(a
4486::
2766:NT
2761:9x
2640:10
2630:XP
2606:11
2596:10
2579:11
2574:10
2554:XP
2544:11
2539:10
2519:XP
2509:11
2504:10
2484:XP
2469:XP
2464:95
2230:RT
2126:11
2121:10
2114:/
2085:XP
2033:Me
2028:98
2023:95
1466:.
1414:.
1368:.
1343:.
1308:.
1283:.
1189:.
1162:.
1136:.
1110:.
1084:.
1035:,
991:,
966:,
955:^
906:,
882:,
871:^
855:,
831:,
807:,
783:,
759:,
735:,
711:,
687:.
675:^
655:,
643:^
627:,
603:,
592:^
272:.
2734:e
2727:t
2720:v
2569:8
2564:7
2534:8
2529:7
2499:8
2494:7
2112:8
2107:7
1925:e
1918:t
1911:v
1641:e
1634:t
1627:v
1477:.
1452:.
1438:.
1424:.
1378:.
1354:.
1318:.
1293:.
1268:.
1216:.
1201:.
1174:.
1148:.
1122:.
1096:.
1070:.
1021:.
697:.
266:K
262:Y
258:X
250:K
246:Y
242:X
213:-
185:-
38:(
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.