Re: passing the hash

From: Iván Arce (core.lists.pentest@core-sdi.com)
Date: Thu Oct 04 2001 - 19:43:31 PDT

Next message: Bill Pennington: "Re: ATG Dynamo issues?"

Previous message: Mehmet Murat Gunsay: "Fw: DENY x REJECT"
In reply to: Jason binger: "passing the hash"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
 You can have a detailed description on how to do at our
 site, in the publications-->papers  section
  The paper is written by Hernan Ochoa and its called
 "Modifying Windows NT credentials" it is also
 available from the SecurityFocus.com guest feature
 archives.

URLs (possibly wrapped):

http://www.securityfocus.com/guest/1512
http://www.corest.com/pressroom/advisories_desplegado.php?idxsection=11&idx=
87


---

"Understanding. A cerebral secretion that enables one having it to know
 a house from a horse by the roof on the house,
 Its nature and laws have been exhaustively expounded by Locke,
 who rode a house, and Kant, who lived in a horse." - Ambrose Bierce


CORE Security Technologies
Iván Arce
Co-Founder and CTO
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
email   : ivan.arceat_private
http://www.corest.com


----- Original Message -----
From: Jason binger <core.lists.pentest@core-sdi.com>
Newsgroups: core.lists.pentest
To: <pen-testat_private>
Sent: Wednesday, October 03, 2001 6:44 PM
Subject: passing the hash


> I have read in many different sources the theory
> behind passing the password hash in NT/2000 using a
> custom written tool or samba client.
>
> Apparently newer versions of the samba client offer
> these features from the command line. (well I can't
> see it in mine anyway).
>
> Does anyone know how to do this?
>
> Jason
>
>
> __________________________________________________
> Do You Yahoo!?
> NEW from Yahoo! GeoCities - quick and easy web site hosting, just
$8.95/month.
> http://geocities.yahoo.com/ps/info1
>
> --------------------------------------------------------------------------
--
> This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
see:
> https://alerts.securityfocus.com/
>


--- for a personal reply use: =?iso-8859-1?Q?Iv=E1n_Arce?= <ivan.arceat_private>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Bill Pennington: "Re: ATG Dynamo issues?"
Previous message: Mehmet Murat Gunsay: "Fw: DENY x REJECT"
In reply to: Jason binger: "passing the hash"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Oct 05 2001 - 18:47:00 PDT