Kali Linux 2018: Windows Penetration Testing by Wolf Halton
Author:Wolf Halton
Language: eng
Format: epub
Tags: COM053000 - COMPUTERS / Security / General, COM043050 - COMPUTERS / Security / Networking, COM046000 - COMPUTERS / Operating Systems / General
Publisher: Packt Publishing
Published: 2018-11-12T07:15:13+00:00
In the preceding screenshot, we can see that we have captured the Administrator login from the \\WIN10-01 workstation. This was captured when the user logged on to the domain from the workstation. Notice this is a NTLMv2 hash, which is a salted NTLMv1 hash. A salted hash is basically a re-hashed hash. During the challenge and response part of the SMB login, a 16-bit random hash value is exchanged. The NTLMv1 56-bit hash is then hashed with this random value. This new hash, which is then transmitted to the server, is the NTLMv2 hash value. Since the salt is a random value, the captured v2 hash is non-replayable, but the good news is that programs, such as good old John the Ripper or Hashcat, can crack these hashes offline. They just can't be used in a Pass the Hash style attack.
In the following screenshot, we have the login for LAB1\rred. Again, this is from the user logging into the domain, and the non-replayable NTLMv2 hash is captured again. After both captures, you will notice, a few lines down, that Responder again captures the login, but doesn't repeat it onscreen. It is still logged to the log file as a separate hash. In the log file, you can see when the challenge and response hash changes from the non-replayable changes in the file. The actual password has not changed, but the challenge and response hashes have changed between responses:
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7785)
Grails in Action by Glen Smith Peter Ledbrook(7699)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(6585)
Azure Containers Explained by Wesley Haakman & Richard Hooper(6573)
Running Windows Containers on AWS by Marcio Morales(6104)
Kotlin in Action by Dmitry Jemerov(5068)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(4925)
Combating Crime on the Dark Web by Nearchos Nearchou(4507)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4416)
Microsoft Cybersecurity Architect Exam Ref SC-100 by Dwayne Natwick(4355)
The Ruby Workshop by Akshat Paul Peter Philips Dániel Szabó and Cheyne Wallace(4180)
The Age of Surveillance Capitalism by Shoshana Zuboff(3959)
Python for Security and Networking - Third Edition by José Manuel Ortega(3751)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3510)
The Ultimate Docker Container Book by Schenker Gabriel N.;(3414)
Mastering Python for Networking and Security by José Manuel Ortega(3346)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3335)
Blockchain Basics by Daniel Drescher(3301)
Learn Wireshark by Lisa Bock(3279)
