Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Microsoft WINS Domain Controller Spoofing Vulnerability

Microsoft WINS Domain Controller Spoofing Vulnerability

by Phiber on January 19th, 2001 WINS does not properly verify the registration of domain controllers. It is possible for a user to modify the entries for a domain controller, causing the WINS service to redirect requests for the DC to another system. This can lead to a loss of network functionality for the domain. The DC impersonator can also be set up to capture username and password hashes passed to it during login attempts.
[Exploit]



Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »