burp-ntlm-challenge-decoder icon indicating copy to clipboard operation
burp-ntlm-challenge-decoder copied to clipboard

Published 20 hours ago verified publisher icon GoSecure

Metadata

Burp extension to decode NTLM SSP headers and extract domain/host information

Burp NTLM Challenge Decoder

Build Status

Burp SSP Decoder

Burp extension to decode NTLM SSP headers. NTLM challenges over HTTP allows us to decode interesting information about a server, such as:

  • The server's hostname
  • The server's operating system
  • The server's timestamp
  • The domain's name
  • The domain's FQDN
  • The parent domain's name

Build the plugin

$ gradle build

The compiled plugin is located at build/libs/burp-ntlm-challenge-decoder.jar

Download the precompiled jar

Sources, credits

  • https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-NLMP/[MS-NLMP].pdf
  • http://msdn.microsoft.com/en-us/library/cc236621.aspx
  • https://gist.github.com/aseering/829a2270b72345a1dc42

Metadata

33
Stars
11
Forks
Watchers

Owner

verified publisher icon GoSecure

Metadata

Burp extension to decode NTLM SSP headers and extract domain/host information

Back