Lotus Notes Password Hash Redux
Offered By: BSidesLV via YouTube
Course Description
Overview
Explore the vulnerabilities and security implications of Lotus Notes in this comprehensive conference talk from BSidesLV 2012. Delve into the history of weaknesses, tools for exploitation, and methods for enumerating servers and accessing sensitive information. Learn about web access vulnerabilities, Google domain searches, and user directory exploits. Discover techniques for extracting password hashes and using John the Ripper for cracking. Examine real-world examples of compromised servers, discuss mitigation strategies, and consider the current state of Lotus Notes security. Gain valuable insights for both offensive and defensive cybersecurity professionals dealing with Lotus Domino environments.
Syllabus
Intro
Who am I
What is Lotus Notes
Lotus Domino
SameTime
Who uses Lotus Domino
Companies using Lotus Domino
Previous work
History of weakness
Links
Tools
Web Access
Google Domains
Alabama
Google Search
User Directory
All Server Documents
HTTP Password
Clustered Environment
Enumerating IP Addresses
Metasploit module
Output
List of servers
Other queries
Batch vash
Showdown
Results
Individual Servers
Manual script
John the Ripper
Hash formats
Snapshot
Unsalted
Findings
Mitigations
Is it dead
Take action
Corporate English
Taught by
BSidesLV