Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

RE: SV: Brute-forcing cached Windows login password hashes

From: grutz at jingojango.net (Kurt Grutzmacher)
Date: Fri, 10 Aug 2007 11:39:13 -0500
Check out HD and Valsmith's doc at http://metasploit.com/confs/

I also have a now out-dated smbsniffer description at
http://grutztopia.jingojango.net/2007/05/pass-hash-support-for-metasploit.html

AFAIK the new smb tools are in the svn trunk only and will only work on
non-Windows machines.


On Fri, Aug 10, 2007 at 10:36:38AM -0400, A Plasmoid wrote:


Hmm how does this "pass the hash" work? Is there a module in Metasploit that can utilize it?

Thanks
[snip]


Then again; why break the passwords, as pass-the-hash is fully possible in
most Windows environments?


[snip]
_________________________________________________________________
Learn. Laugh. Share. Reallivemoms is right place!
http://www.reallivemoms.com?ocid=TXT_TAGHM&loc=us

-- 
                 ..:[ grutz at jingojango dot net ]:..
     GPG fingerprint: 5FD6 A27D 63DB 3319 140F  B3FB EC95 2A03 8CB3 ECB4
        "There's just no amusing way to say, 'I have a CISSP'."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20070810/0a6ea9ae/attachment.pgp>
Previous By Date Next
Previous By Thread Next

Current thread: