sspi-rs icon indicating copy to clipboard operation
sspi-rs copied to clipboard
verified publisher icon Devolutions

NTLM Acceptor does not authenticate credentials

Open jborean93 opened this issue 2 years ago • 0 comments

Maybe I'm doing something wrong here but it doesn't look like the NTLM security package is validating the credentials at all as an acceptor. It does a few things like validate the bindings or the encrypted random session key but I cannot see it verifying the NT hash received matches the known credential provided in the inbound credential handle.

jborean93 avatar Sep 20 '23 22:09 jborean93