Questions tagged [pass-the-hash]
In cryptanalysis and computer security, pass the hash is a hacking technique that allows an attacker to authenticate to a remote server or service by using the underlying NTLM or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case.
10 questions
1
vote
1
answer
321
views
Is pass-the-hash possible with NTLMv2?
I'm new to Windows security, and I'm trying to understand basics of pass-the-hash attacks.
As I understood :
NTLM = NT Hash = Password storage format
NTLMv1 = Net-NTLMv1 = Challenge/response ...
- 164
1
vote
1
answer
69
views
Are certain hash types more susceptible to pass-the-hash attacks than others?
Is this the case, and if so, is there a technical reason for it?
Maybe “statistically” weak security that leads to PtH vulnerabilities goes hand in hand with weaker hashing functions?
- 4,795
1
vote
0
answers
159
views
Pass-the-hash, why do I get a shell with high integrity?
I am testing the security of a Windows Server 2019 machine and have a question about remote access to the machine.
The user on the machine has the permission "SeBackupPrivilege". I can ...
- 11
1
vote
0
answers
385
views
Pass the hash/ pass the ticket TO a linux machine
I'm studying how to attack AD, but so far I have seen how to use pass the hash and pass the ticket to get access to Windows machines. How does one attack Linux machines joined to the domain using the ...
- 11
0
votes
1
answer
965
views
How to overcome MD4 hashing in SAMBA
We are using a Samba configuration on our RedHat (RHEL7.9) systems, where SMB authentication is based on an NTLM password hash, which is basically a clear-text credential for a challenge-response ...
- 105
4
votes
0
answers
1k
views
How does local pass-the-hash (mimikatz's sekurlsa::pth) work?
Mimikatz's sekurlsa::pth documentation states:
mimikatz can perform the well-known operation 'Pass-The-Hash' to run a
process under another credentials with NTLM hash of the user's
password, instead ...
- 105
1
vote
1
answer
4k
views
Is it possible make a Pass-The-Hash attack with Responder?
The tool Responder written in Python permits to listen on a specific network card requests and automatically poisoning victims the steal hash NTLMv1 and hash NTLMv2.
The attack Pass-The-Hash permits ...
- 284
0
votes
1
answer
375
views
Is this Wikipedia article about SCRAM wrong?
At my Company, we put a honeypot in our network and it raised us the Lansweeper SSH password used to connect to the scanned assets (and it is reusable over many boxes...).
So it is a way for an ...
- 1,378
9
votes
3
answers
21k
views
How to pass hash as password to ssh server
I have a hashed password $6$salt$hash. I want to ssh to a linux server with this hash. How could I do that? Do I need to change cipher spec? Is that possible?
- 91
1
vote
0
answers
155
views
Remote access to Windows Workstation with credentials, after Windows 10 - 1809
I am a newbie in terms of OS security and I started learning from Windows; in particular I downloaded Win10 virtual machine and I am simulating various attack / defense scenarios on it.
I would like ...
- 11