Pass The Hash Attack Using Metasploit
|
|
|
||||||||||
Description:
Once an attacker compromises a system and gets the password hashes, he typically spends a long time trying to crack the passwords. However, in certain cases there is no need to crack the hashes, instead one can just pass the hash along to connect to systems which use the same user:pass combination. In the video below @mubix demos the "Pass the Hash Attack" using Metasploit (windows/smb/psexec).
This video was referred to us by @tnicholson via Twitter.
This video was referred to us by @tnicholson via Twitter.