Re: Pass-The-Hash Toolkit v1.2 released.

From: rajat swarup (rajats@gmail.com)
Date: Sat Jan 26 2008 - 12:54:17 EST


On Jan 21, 2008 11:37 AM, Hernan Ochoa <hernan@gmail.com> wrote:
> Pass-The-Hash Toolkit v1.2 is available.
>
> What is Pass-The-Hash Toolkit?
>
> The Pass-The-Hash Toolkit contains utilities to manipulate the Windows
> Logon Sessions mantained by the LSA (Local Security Authority)
> component. These tools allow you to list the current logon sessions
> with its corresponding NTLM credentials (e.g.: users remotely logged
> in thru Remote Desktop/Terminal Services), and also change in runtime
> the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH
> on Windows!).
>
Sometimes the workstations do not store the LM Hashes. The iam.exe
utility requires us to pass LM & NTLM hashes...what should we pass for
LM hash if we only have the MS Cached credentials?

Thanks and regards,

-- 
Rajat Swarup
http://rajatswarup.blogspot.com/
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:22 EDT