Kali Brute Force web NTLM
by insurin from LinuxQuestions.org on (#55WPE)
Hi all
I am looking to do some pen testing on our web servers. I have already ran the wpscan to enumerate users on our Wordpress site so I have now put mitigation's in place to prevent usernames being presented.
I have another site hosted on a Windows 2012 box running IIS that uses NTLM authentication (AD username and password). Lots of sensitive info if authenticated so I have setup Azure Proxy Gateway and now use Office 365 with MFA to harden it up for the login process.
Without my Azure Proxy solution, my question is on Burp Suite. There are lots of tutorials on web forms that use Post method to capture the specific Post method so one can run a brute force. I have tried this with Burp Suite. I setup local proxy and forward the request on Burp Suite but all I get is a big hash key and nothing about Post with usernames/passwords.
Is it even possible to run a brute force on a web app using NTLM. I am not a web developer but I know if someone were to run a brute force on said web app, I think they would get in (in theory). I have lockout set on 3 attempts but I want to test it as a proof of concept. Someone mentioned dropping a captcha would also work but I want to see if I can brute force our web app without those mitigation's in place.
cheers
I am looking to do some pen testing on our web servers. I have already ran the wpscan to enumerate users on our Wordpress site so I have now put mitigation's in place to prevent usernames being presented.
I have another site hosted on a Windows 2012 box running IIS that uses NTLM authentication (AD username and password). Lots of sensitive info if authenticated so I have setup Azure Proxy Gateway and now use Office 365 with MFA to harden it up for the login process.
Without my Azure Proxy solution, my question is on Burp Suite. There are lots of tutorials on web forms that use Post method to capture the specific Post method so one can run a brute force. I have tried this with Burp Suite. I setup local proxy and forward the request on Burp Suite but all I get is a big hash key and nothing about Post with usernames/passwords.
Is it even possible to run a brute force on a web app using NTLM. I am not a web developer but I know if someone were to run a brute force on said web app, I think they would get in (in theory). I have lockout set on 3 attempts but I want to test it as a proof of concept. Someone mentioned dropping a captcha would also work but I want to see if I can brute force our web app without those mitigation's in place.
cheers