Squirtle-en

Back  Español

Squirtle

Phase(s):

Primary: Exploitation.
Secondary: N/A.

Description:

Tool that allows taking control of any web browser that uses the NTML authentication protocol to access web application.

Objective:

• Take control of the web browser through the NTML authentication protocol.

Features:

Supported technologies: Web applications (HTTP/HTTPS) with a MySQL database backend.

Operative mode: Active.

Take control of the web browser through the NTML authentication protocol.

• Takes advantage of the “Trusted Zone” feature present on Internet Explorer to gain access to the authentication hashes used by the NTML authentication protocol.

Reports:
Output reports: X

Resources:

Link: https://code.google.com/p/squirtle/
Author(s): Kurt Grutzmacher
Contact: kurt.gru... [at] gmail.com
License: GNU GPL v3