Please
login
or
register
.
Username:
Password:
1 Hour
1 Day
1 Week
1 Month
Forever
Home
Help
Search
Login
Register
This forum is in archive mode. You will not be able to post new content.
EvilZone
»
Hacking and Security
»
Hacking and Security
(Moderator:
RedBullAddicted
) »
Pass-the-Hash is Dead, or is it?
Print
Pages: [
1
]
Author
Topic: Pass-the-Hash is Dead, or is it? (Read 675 times)
0 Members and 2 Guests are viewing this topic.
Axon
VIP
King
Posts: 2047
Cookies: 319
Pass-the-Hash is Dead, or is it?
«
on:
July 30, 2014, 10:44:05 PM »
This is a good read on the recent fix by Microsoft called KB2871997, which some have dubbed "Pass the hash fix". According to this fix, local accounts can no longer be used to access remote systems, either via simple network logon or interactive login. This includes using tools like PSEXEC or even browsing to C$ remotely. But this is not always the case?
http://www.harmj0y.net/blog/
http://www.pwnag3.com/2014/05/what-did-microsoft-just-break-with.html
«
Last Edit: July 30, 2014, 10:46:06 PM by Axon
»
Report to moderator
Logged
Ogma
NULL
Posts: 1
Cookies: 0
Re: Pass-the-Hash is Dead, or is it?
«
Reply #1 on:
August 23, 2014, 07:18:31 PM »
And theres always the krbtgt account hash for the kerberos "golden ticket."
Report to moderator
Logged
Print
Pages: [
1
]
EvilZone
»
Hacking and Security
»
Hacking and Security
(Moderator:
RedBullAddicted
) »
Pass-the-Hash is Dead, or is it?
Want to be here? Contact Ande, Factionwars or Kulverstukas on the forum or at IRC.
