Metasploit mailing list archives
RE: SV: Brute-forcing cached Windows login password hashes
From: grutz at jingojango.net (Kurt Grutzmacher)
Date: Fri, 10 Aug 2007 11:39:13 -0500
Check out HD and Valsmith's doc at http://metasploit.com/confs/ I also have a now out-dated smbsniffer description at http://grutztopia.jingojango.net/2007/05/pass-hash-support-for-metasploit.html AFAIK the new smb tools are in the svn trunk only and will only work on non-Windows machines. On Fri, Aug 10, 2007 at 10:36:38AM -0400, A Plasmoid wrote:
Hmm how does this "pass the hash" work? Is there a module in Metasploit that can utilize it? Thanks [snip]Then again; why break the passwords, as pass-the-hash is fully possible in most Windows environments?[snip] _________________________________________________________________ Learn. Laugh. Share. Reallivemoms is right place! http://www.reallivemoms.com?ocid=TXT_TAGHM&loc=us
-- ..:[ grutz at jingojango dot net ]:.. GPG fingerprint: 5FD6 A27D 63DB 3319 140F B3FB EC95 2A03 8CB3 ECB4 "There's just no amusing way to say, 'I have a CISSP'." -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: not available URL: <http://mail.metasploit.com/pipermail/framework/attachments/20070810/0a6ea9ae/attachment.pgp>
Current thread:
- RE: SV: Brute-forcing cached Windows login password hashes A Plasmoid (Aug 10)
- RE: SV: Brute-forcing cached Windows login password hashes Kurt Grutzmacher (Aug 10)