![]() ![]() LM-hashes is the oldest password storage used by Windows, dating back to OS/2 in the 1980’s. The hashes I’m looking at is LM, NT, and NTLM (version 1 and 2). If I’m missing something, please hit me up.Īll example hashes are taken from Hashcat’s example hashes page. A lot of inspiration is taken from byt3bl33der’s awesome article, “Practical guide to NTLM Relaying in 2017”. ![]() This post is geared towards pentesters in an AD environment, and it favors practical attacks against the different hash formats. ![]() This is my attempt at clearing things up. It doesn’t help that every tool, post and guide that mentions credentials on Windows manage to add to the confusion. Most of these hashes are confusingly named, and both the hash name and the authentication protocol is named almost the same thing. When attacking AD, passwords are stored and sent in different ways, depending on both where you find it and the age of the domain. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |