Description: In this attack I'm going to demonstrate how powerful pass-the-hash and token-stealing attacks are. The attack starts from:
1. knowing a user's NTLM password hash
2. logging into the MSSQL server with the hash
3. uploading a reverse shell to the MSSQL server
4. privilege escalation from Network Service to local admin via a vulnerable autostart script
5. privilege escalation from local admin to SYSTEM
6. token stealing of a domain admin
7. adding a new domain admin user to the domain
8. PWND
Tags: hack, pass-the-hash, metasploit