Pass the Hash
The pass-the-hash (PtH) technique lets a user authenticate to another machine or service with a user's NTLM hash instead of the password. Most PtH tools create and start a Windows service, such as a command or PowerShell prompt.
This technique requires access to the special admin share called Admin$, which in turn requires local administrative rights on the target machine.
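Seen from the defending side, the two requirements above (an NTLM network logon that reaches Admin$, then a new service) leave a trail in the Windows event logs that can be correlated. The following is an added example, not part of the original page: a Python sketch of that correlation over constructed events using event IDs 4624, 5140 and 7045. The 60-second window, host names, accounts and service name are assumptions.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)  # assumed correlation window, tune per environment

# Constructed sample events, not real logs. Field names follow Windows events
# 4624 (logon), 5140 (share accessed) and 7045 (service installed).
EVENTS = [
    {"id": 4624, "time": "2024-05-01T10:00:00", "host": "SRV01", "LogonType": 3,
     "AuthenticationPackageName": "NTLM", "TargetUserName": "John", "IpAddress": "10.0.0.5"},
    {"id": 5140, "time": "2024-05-01T10:00:01", "host": "SRV01",
     "ShareName": r"\\*\ADMIN$", "IpAddress": "10.0.0.5"},
    {"id": 7045, "time": "2024-05-01T10:00:03", "host": "SRV01",
     "ServiceName": "svc-example", "ImagePath": r"%SystemRoot%\example.exe"},
    # Kerberos logon to C$: not the pattern described above.
    {"id": 4624, "time": "2024-05-01T11:00:00", "host": "SRV02", "LogonType": 3,
     "AuthenticationPackageName": "Kerberos", "TargetUserName": "Alice", "IpAddress": "10.0.0.9"},
    {"id": 5140, "time": "2024-05-01T11:00:01", "host": "SRV02",
     "ShareName": r"\\*\C$", "IpAddress": "10.0.0.9"},
    # NTLM logon to ADMIN$ with no service install afterwards: no alert.
    {"id": 4624, "time": "2024-05-01T12:00:00", "host": "SRV03", "LogonType": 3,
     "AuthenticationPackageName": "NTLM", "TargetUserName": "Bob", "IpAddress": "10.0.0.7"},
    {"id": 5140, "time": "2024-05-01T12:00:02", "host": "SRV03",
     "ShareName": r"\\*\ADMIN$", "IpAddress": "10.0.0.7"},
]

def find_suspect_logons(events, window=WINDOW):
    """Flag NTLM network logons followed, on the same host and within the
    window, by ADMIN$ access from the same source IP and a service install."""
    evs = sorted(({**e, "ts": datetime.fromisoformat(e["time"])} for e in events),
                 key=lambda e: e["ts"])
    alerts = []
    for logon in evs:
        if (logon["id"], logon.get("LogonType"),
                logon.get("AuthenticationPackageName")) != (4624, 3, "NTLM"):
            continue
        near = [e for e in evs if e["host"] == logon["host"]
                and timedelta(0) <= e["ts"] - logon["ts"] <= window]
        share = [e for e in near if e["id"] == 5140
                 and e.get("IpAddress") == logon["IpAddress"]
                 and e.get("ShareName", "").upper().endswith("ADMIN$")]
        services = [e for e in near if e["id"] == 7045]  # 7045 carries no source IP
        if share and services:
            alerts.append({"host": logon["host"], "user": logon["TargetUserName"],
                           "source": logon["IpAddress"],
                           "services": [s["ServiceName"] for s in services]})
    return alerts

if __name__ == "__main__":
    print(find_suspect_logons(EVENTS))
```

A match is a lead for triage rather than proof: the logon event does not show whether a hash or a password was used, and legitimate remote administration over NTLM produces the same sequence.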
The following command can be used to connect to a system using the NTLM hash,
In the above command, if the user belongs to a domain, the username must be preceded by the domain name, for example "p42/John".
The string "aad3b435b51404eeaad3b435b51404ee" is the LM hash for "no password".
The same attack can be performed using Impacket,