1、可接受的值0、1或2:2您确实想将设置为只有当服务重新开始后设置才会生效netstarttlntsvr服务正在启动.服务已经启动成功。注意设置地方首先我们设置成是只允许验证0user/password1是和U/P验证都允许127.0.0.1版本5.00欢迎使用ClientClient内部版本号5.00.99206.1Escape字符为CTRL+您将要发送密码信息到Internet区域中的远程计算机。这可能不安全。是否还要发送(y/n):y*=服务器。C:exit遗失对主机的连接。如果选nallowsauthenticationonlyhasclosedconnection如果设置选的是并且刚才
2、输入n后会让输入用户密码VersionWelcometoServiceBuildlogin:(相关注册表)REGEDIT4HKEY_LOCAL_MACHINESOFTWAREMicrosoftTelnetServer1.0NTLM=dword:00000000TelnetPort00000017如果不通过tlntadmn修改设置可以直接修改注册表1.修改注册表可以用.reg2.或者用命令行小工具reg.exe18,94402-12-2121:57ConsoleRegistryToolforversion3.0Copyright(C)Corp.1981-2001.Allrightsreserve
3、dREGOperationParameterListQUERY|ADDDELETECOPY|SAVELOADUNLOADRESTORECOMPAREEXPORTIMPORTReturnCode:(ExceptofCOMPARE)SuccussfulFailedForhelponaspecificoperationtype:/?Examples:3.一个简单的修改C代码来自nsfocus(-TNTLM.cpp/*Nsfocus.2000RightsReservedTNTLM.cpp:ModifymethodWindowsServer.*Usage:TNTLMoptionoption:No(def
4、ault)Tryfirst.Iffailed,thentryusername/password.Requireauthentication.Writtenby:backend,Date:2000/08/31WARNING:THISPROGRAMISJUSTFOREDUCATIONALPURPOSE!YOUAREUSINGSOFTWAREONYOUROWNRISK.APROOF-OF-CONCEPTANDTAKEFULLRESPONSIBILITYWHATDOWITHIT!NOTABUSEILLICITPURPOSES!Greetingsto:Netguy*/#includewindows.hs
5、tdlib.hstdio.hintmain(intargc,char*argv)HKEYhKey;charSubKeyName=SOFTWAREMicrosoftWindowsTelnetServer1.0;ValueNameDWORDNewValueif(argc)atol(argv1);RegOpenKeyEx(HKEY_LOCAL_MACHINE,SubKeyName,0,KEY_ALL_ACCESS,&hKey)ERROR_SUCCESSperror(RegOpenKeyExreturn-1;RegSetValueEx(hKey,ValueName,REG_DWORD,CONSTBYT
6、E)NewValue,sizeof()RegSetValueExRegCloseKey(hKey-可以看到如果使用的话不需输入密码就进入系统同样的情况还会发生在网上邻居访问时和连接MSSQL时这在很多时候做身份验证很方便TheAuthenticationProtocolWhatisNTLM?anprotocolusedinvariousnetworkimplementationsandsupportedbytheSecuritySupportProvider(NTLMSSP).OriginallynegotiationsecureDCE/RPC,alsothroughoutMicrosofts
7、systemsasintegratedsinglesign-onmechanism.employschallenge-responsemechanismauthentication,whichclientsareableprovetheiridentitieswithoutsendingpasswordserver.Itconsiststhreemessages,commonlyreferredType(negotiation),(challenge)3(authentication).basicallyworkslikethis:clientsendsmessageThisprimarily
8、containslistfeaturesrequestedserverrespondswithmessage.agreeduponMostimportantly,however,itchallengegeneratedrepliesseveralpiecesinformationaboutclient,includingdomainusernameuser.oneormoreresponseschallenge.mostcriticalpiece,theythatuserknowledgeaccountpassword.那么NTLM是怎么验证的呢?以共享为例,具体的方法是这样的:1、客户端服务
9、端2、客户端-客户端类型、支持的服务方式列表等-服务端3、客户端5、客户端=客户端-客户端类型、支持的服务方式列表等-No:9Timestamp:19:43:48:362MACsourceaddress:00:50:BF:2A:40:64dest09:7B:51:BB:FCFrameIPProtocol:TCP-TELNETSourceIPawenDestfldserverport:2255Destination23SEQ:1865769009ACK:1218937261Packetsize:103data:0000:00097B51BBFC50BF2A40640845.Q.P.*d.E.00
10、10:59B21980068F74AC1101BCD341.Y.t.A0020:3802CF176F35603148A781AD188.o51H.P.0030:FAD6DC15FF250F20.%.0040:4E544C4D53.NTLMSSP.0050:9782E0.0060:F0.=104621865769058229.P.*d.Q.E.D7F7847E4B8B.K.A8.62.H.o5bP.A41EB59E.%.12308AED8337.0.7DD441F965CK.D.0070:424652.B.F.L.D.S.E.R0080:56.V.E.R.F.L.D0090:.S.E.R.V.E.R.00A0:.F.L.D.S.E.R.V.E00B0:04666C7365.R.f.l.d.s.e00C0:727603.r.v.e.r.f.l00D0:.d.s.e.r.v.e.r.00E0:.客户端-用户名、加密后密码-服务器的名称awen用户名为admin,后面是加密后的散列值1147212189374362251A8EF9.A8.o5bH.P.27639A.oc.%.5A
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1