Description:
Once an attacker compromises a system and gets the password hashes, he typically spends a long time trying to crack the passwords. However, in certain cases there is no need to crack the hashes, instead one can just pass the hash along to connect to systems which use the same user:pass combination. In the video below
@mubix demos the "
Pass the Hash Attack" using Metasploit (windows/smb/psexec).
This video was referred to us by
@tnicholson via Twitter.
Tags: tools ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments: