Pass The Hash Attack (Metasploit)
|
|
|
||||||||||||
Description:
We had posted a Pass the Hash Attack demo a while back on SecurityTube. Here is another video of the same by iVictor.
To jog your memory, by default, Windows stores the credentials, username and password hash, of the last 10 people that have logged into a Windows computer. This is a feature, known as cached credential storage, allows users to authenticate even if Active Directory (AD) is unavailable. However, these cached credentials can be used to attack accounts that have authenticated in the past. Additionally, Windows stores the password hashes of users. These hashes can be replayed against other systems with the same username and password combination. This attack is commonly referred to as "passing the hash".
To jog your memory, by default, Windows stores the credentials, username and password hash, of the last 10 people that have logged into a Windows computer. This is a feature, known as cached credential storage, allows users to authenticate even if Active Directory (AD) is unavailable. However, these cached credentials can be used to attack accounts that have authenticated in the past. Additionally, Windows stores the password hashes of users. These hashes can be replayed against other systems with the same username and password combination. This attack is commonly referred to as "passing the hash".