Pass-the-hash attacks in internal network penetration

Pass-the-hash attack with MSF

Conditions: you have obtained the LM hash and NTLM hash of the Administrator user on a host, and that host has port 445 open. You can then use the exploit/windows/smb/psexec module in MSF to log in remotely (a pass-the-hash attack). This works only with the Administrator user's LM hash and NTLM hash, and it does not matter whether the environment is a workgroup or a domain.

This site converts a password into its LM hash and NTLM hash: https://asecuritysite.com/encryption/lmhash
Use this module, set the target host IP and the listening host IP, then run exploit (or run) to get a shell back in MSF.

Pass-the-hash attack with mimikatz

This attack is based on a domain environment; in a workgroup it does not succeed.

Conditions: in a domain environment, once we have obtained the NTLM hash of a domain administrator, we can use mimikatz on a host in the domain to carry out a pass-the-hash attack against the domain controller. After the command is executed, a cmd window pops up. The prerequisite is that we have local administrator privileges on any one host in the domain and the NTLM hash of the domain administrator.


# Use the NTLM hash of the domain administrator account administrator to carry out a pass-the-hash attack against the domain controller
sekurlsa::pth /user:administrator /domain:"xxx.com" /ntlm:6542d35ed5ff6ae5e75b875068c5d3bc

After the command succeeds, a cmd window pops up, in which you can then execute commands, map disks, and so on.
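Both techniques above leave logon records in the Windows Security log that a defender can query. The following is an added example, not code from the original post: it applies two common heuristics to event 4624 records. The sample events, the JSON-lines layout and the WATCHED_ACCOUNTS set are constructed assumptions.

```python
import json

# Constructed sample records (not from the original page): Windows Security
# log events reduced to a few real 4624 field names, one JSON object per line.
SAMPLE_LOG = """
{"EventID": 4624, "Computer": "WS01", "LogonType": 9, "LogonProcessName": "seclogo", "AuthenticationPackageName": "Negotiate", "TargetUserName": "jdoe", "IpAddress": "::1"}
{"EventID": 4624, "Computer": "DC01", "LogonType": 3, "LogonProcessName": "NtLmSsp", "AuthenticationPackageName": "NTLM", "TargetUserName": "Administrator", "IpAddress": "10.0.0.23"}
{"EventID": 4624, "Computer": "DC01", "LogonType": 3, "LogonProcessName": "Kerberos", "AuthenticationPackageName": "Kerberos", "TargetUserName": "Administrator", "IpAddress": "10.0.0.40"}
{"EventID": 4624, "Computer": "FS01", "LogonType": 3, "LogonProcessName": "NtLmSsp", "AuthenticationPackageName": "NTLM", "TargetUserName": "ANONYMOUS LOGON", "IpAddress": "10.0.0.51"}
{"EventID": 4624, "Computer": "WS02", "LogonType": 2, "LogonProcessName": "User32", "AuthenticationPackageName": "Negotiate", "TargetUserName": "asmith", "IpAddress": "127.0.0.1"}
{"EventID": 4634, "Computer": "WS02", "LogonType": 2, "TargetUserName": "asmith"}
"""

# Assumption: accounts whose NTLM network logons deserve review at this site.
WATCHED_ACCOUNTS = {"administrator"}

def classify(event):
    """Return a heuristic label for a 4624 logon event, or None if it looks routine."""
    if event.get("EventID") != 4624:
        return None
    logon_type = event.get("LogonType")
    process = str(event.get("LogonProcessName", "")).strip().lower()
    package = str(event.get("AuthenticationPackageName", "")).strip().lower()
    user = str(event.get("TargetUserName", "")).strip().lower()
    # Source host: a process started with replacement network credentials is logged
    # as logon type 9 (NewCredentials) via seclogo. `runas /netonly` logs the same.
    if logon_type == 9 and process == "seclogo":
        return "type9-seclogo"
    # Target host: a remote login made with a hash is a network logon (type 3)
    # authenticated with NTLM rather than Kerberos.
    if logon_type == 3 and package == "ntlm" and user in WATCHED_ACCOUNTS:
        return "type3-ntlm-watched-account"
    return None

def detect(log_text):
    """Parse JSON lines and return (computer, user, source_ip, label) for each hit."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        label = classify(event)
        if label:
            hits.append((event.get("Computer"), event.get("TargetUserName"),
                         event.get("IpAddress"), label))
    return hits

if __name__ == "__main__":
    for hit in detect(SAMPLE_LOG):
        print(hit)
```

Both labels are triage leads rather than verdicts: legitimate administration also produces these events, so correlate a hit with the source address and the account's normal logon pattern.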


Origin blog.csdn.net/zzlx123/article/details/103595197