Internal Information Disclosure using Hidden NTLM Authentication

Mike Brown
The Startup
Published in
4 min readMar 9, 2020

--

Photo by vishnu vijayan on Pixabay

This post introduces the concept of information disclosure through NTLM authentication and demonstrates methods for invoking an NTLM challenge response over HTTP — even when no login page is present.

⭐️ Not a Medium member? Read the full article at m8sec.dev

Overview

--

--