EvilZone
Welcome,
Guest
. Please
login
or
register
.
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
News:
Home
Help
Search
Login
Register
EvilZone
»
Hacking and Security
»
Hacking and Security
(Moderator:
RedBullAddicted
) »
Pass-the-Hash is Dead, or is it?
Print
Pages: [
1
]
Author
Topic: Pass-the-Hash is Dead, or is it? (Read 675 times)
0 Members and 2 Guests are viewing this topic.
Axon
VIP
King
Posts: 2047
Cookies: 319
Pass-the-Hash is Dead, or is it?
«
on:
July 30, 2014, 10:44:05 pm »
This is a good read on the recent fix by Microsoft called KB2871997, which some have dubbed "Pass the hash fix". According to this fix, local accounts can no longer be used to access remote systems, either via simple network logon or interactive login. This includes using tools like PSEXEC or even browsing to C$ remotely. But this is not always the case?
http://www.harmj0y.net/blog/
http://www.pwnag3.com/2014/05/what-did-microsoft-just-break-with.html
«
Last Edit: July 30, 2014, 10:46:06 pm by Axon
»
Report to moderator
Logged
Ogma
NULL
Posts: 1
Cookies: 0
Re: Pass-the-Hash is Dead, or is it?
«
Reply #1 on:
August 23, 2014, 07:18:31 pm »
And theres always the krbtgt account hash for the kerberos "golden ticket."
Report to moderator
Logged
Print
Pages: [
1
]
EvilZone
»
Hacking and Security
»
Hacking and Security
(Moderator:
RedBullAddicted
) »
Pass-the-Hash is Dead, or is it?
