It's interesting that they've stopped the public from accessing their Vulnerability DB but they've been relying on taking information from other publicly available databases for years........
Although SMB has been improved to now include AES-CMAC (on Win8/2012) the underlying hashing algorithm used for authentication is still based on LM, NTLMv1, or NTLMv2. Whilst the channel between a client and a server can be encrypted, if you can man-in-the-middle a HTTP connection and redirect it to SMB you are able to set the version of SMB and encryption level used and obtain the authentication details.
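A detection-side illustration of the redirect described in the comment above, added here as an example and not taken from the original page or either commenter: it scans HTTP response records for redirects whose `Location` points a client at an SMB target (a UNC path, an `smb://` URL, or a `file://` URL naming a remote host). The record layout, host names and sample lines are constructed assumptions.

```python
from urllib.parse import urlparse

REDIRECT_CODES = {301, 302, 303, 307, 308}

def smb_redirect_target(location):
    """Return the remote host a Location value points at over SMB, or None."""
    loc = location.strip()
    if loc.startswith("\\\\"):                     # UNC form: \\host\share
        return loc[2:].split("\\", 1)[0].lower() or None
    url = urlparse(loc)
    scheme = url.scheme.lower()
    if scheme == "smb":
        return url.hostname
    if scheme == "file":
        if url.hostname and url.hostname != "localhost":
            return url.hostname                    # file://host/share
        if url.path.startswith("//"):              # file:////host/share
            return url.path[2:].split("/", 1)[0].lower() or None
    return None                                    # local file or ordinary web URL

def find_smb_redirects(records):
    """Return (client, requested_url, smb_host) for each redirect to an SMB target."""
    hits = []
    for rec in records:
        if rec["status"] in REDIRECT_CODES:
            host = smb_redirect_target(rec.get("location", ""))
            if host:
                hits.append((rec["client"], rec["url"], host))
    return hits

# Constructed sample records (assumed proxy log fields: client, url, status, location).
SAMPLE = [
    {"client": "192.0.2.10", "url": "http://updates.example.test/check",
     "status": 302, "location": "https://updates.example.test/check"},
    {"client": "192.0.2.11", "url": "http://cdn.example.test/logo.png",
     "status": 302, "location": "file://files.example.test/share/logo.png"},
    {"client": "192.0.2.12", "url": "http://cdn.example.test/a.css",
     "status": 301, "location": "\\\\FILES2.example.test\\share\\a.css"},
    {"client": "192.0.2.13", "url": "http://intranet.example.test/doc",
     "status": 302, "location": "file:///C:/Users/Public/doc.txt"},
    {"client": "192.0.2.14", "url": "http://cdn.example.test/ok",
     "status": 200, "location": "file://files.example.test/share/x"},
]

if __name__ == "__main__":
    for client, url, host in find_smb_redirects(SAMPLE):
        print(f"{client} was redirected from {url} to SMB host {host}")
```

Hits are worth correlating with outbound TCP 445 connections from the same client.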