The NTLMv1-2 challenge-response protocol provides absolutely no protection against credentials forwarding / relay or reflection attacks. This means that an active attacker (such as a man-the-middle) can redirect the login of the legitimate user to authenticate his own session.

ปล. แปลโดย google translate

**Hidden Content: Check the thread to see hidden data.**