Closed johnmccash closed 7 months ago
Oops... It is actually greater than. if the domain controller requires NTLMv2 and explicitly refuses LM and NTLM (LmCompatibilityLevel = 5) and the coercion target only supports LM/NTLM (LmCompatibilityLevel <= 2), then the domain controller won't be able to receive the NTLM authentication request from the coercion target and the attack won't work.
For TAKEOVER-3, TAKEOVER-8:
I'm assuming that should be "LmCompatibilityLevel <= 3 on the coercion target"?