Dissecting the Pass the Hash Attack

28 07 2010

Nice to see an article including Backtrack on the windowsecurity.com list. Its a nice writeup on using backtrack to pass the hash to use psexec to remotely launch a reverse shell. If you havent read much about using password hashes, this would be a good read. It also links to other articles about gaining access to hashed passwords, from physical box access to various tools.

In this article we will look at how this technique works and I will demonstrate the process that can be used to take stolen password hashes and use them successfully without having to crack their hidden contents. As always, I will cover some detection and defensive techniques on how you can prevent yourself from falling victim to this attack.

via Dissecting the Pass the Hash Attack.

Advertisements

Actions

Information

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: