PaulDotCom mailing list archives

Re: Pass the hash for computer accounts?

From: Jonathan Cran <jcran () 0x0e org>
Date: Mon, 22 Nov 2010 15:09:52 -0600

On 11/22/2010 09:20 AM, David Porcello wrote:

Is it possible to relay or pass Windows machine account password
hashes in the same manner as SMBrelay or pshtoolkit does for user
account hashes? I'm trying to spoof domain membership using an
extracted machine account password hash.
Dave.


Yes, i believe so, though i've not tested. Try changing the password
with netdom.exe (win2k support tools) and sniffing the DC connection to
ensure it uses NTLM - if so, then you can likely PTH.
jcran

-- 
Jonathan Cran
jcran () 0x0e org
515.890.0070

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Pass the hash for computer accounts? David Porcello (Nov 22)
- Re: Pass the hash for computer accounts? Ryan Sears (Nov 22)
  - Re: Pass the hash for computer accounts? David Porcello (Nov 22)
- Re: Pass the hash for computer accounts? Jonathan Cran (Nov 22)