This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Pass-the-hash
Pass-the-hash

Version management

Difference between version and

At line 1 added 13 lines
!!! Overview
[{$pagename}] ia typically an [Attack] that allows an [attacker] to [authenticate] to a remote [Service Provider] by using the underlying [NTLM] or [NT LAN Manager] [hash] of a user's [password], instead of requiring the associated [plaintext] [password] as is normally the case.
After an [attacker] obtains valid user name and user [password] [hash] values (somehow, using different methods and tools), they are then able to use that information to [authenticate] to a remote [Service Provider] using [NT LAN Manager] or [NTLM] [authentication] without the need to [brute-Force] the [hash]es to obtain the [plaintext] [password] (as it was required before this technique was published).
[{$pagename}] [attack] [exploits] an implementation weakness in the [authentication] [protocol], where [password] [hash] remain static from session to session until the [password] is next changed.
This technique can be performed against any server or service accepting LM or [NTLM] [authentication], whether it runs on a machine with [Microsoft Windows], [UNIX]/[Linux], or any other [Operating System].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop