-
Notifications
You must be signed in to change notification settings - Fork 23
wdigest
Wdigest is an authentication package (AP) that was introduced in NT 5.1 to support digest authentication.
It is also the security package (SP) for the Digest Access protocol.
The package only supports a single protocol message which is only reachable using the CallPackagePassthrough function.
Its CallPackage and CallPackageUntrusted functions are available but return SEC_E_UNSUPPORTED_FUNCTION.
The protocol messages that wdigest supports is not documented by Microsoft but is provided here. Wdigest support is not a priority for Lsa Whisperer.
| Id | Message Type | CLI Support | NT Version | Internal Function |
|---|---|---|---|---|
|
|
Planned |
All |
|
|
✏️
|
The internal function will be located in wdigest.dll.
|
The request may be used to verify a plaintext password or OWF hash for a user.
If the provided data is valid the response will contain a session key and PAC for the user.
Request data is marshalled as a DIGEST_BLOB_REQUEST with responses sent as DIGEST_BLOB_RESPONSE.
The request is only available as a passthrough command which is currently not supported by LSA whisperer.