Kali Linux 2018: Windows Penetration Testing by Wolf Halton
Author:Wolf Halton
Language: eng
Format: epub
Tags: COM053000 - COMPUTERS / Security / General, COM043050 - COMPUTERS / Security / Networking, COM046000 - COMPUTERS / Operating Systems / General
Publisher: Packt Publishing
Published: 2018-11-12T07:15:13+00:00
In the preceding screenshot, we can see that we have captured the Administrator login from the \\WIN10-01 workstation. This was captured when the user logged on to the domain from the workstation. Notice this is a NTLMv2 hash, which is a salted NTLMv1 hash. A salted hash is basically a re-hashed hash. During the challenge and response part of the SMB login, a 16-bit random hash value is exchanged. The NTLMv1 56-bit hash is then hashed with this random value. This new hash, which is then transmitted to the server, is the NTLMv2 hash value. Since the salt is a random value, the captured v2 hash is non-replayable, but the good news is that programs, such as good old John the Ripper or Hashcat, can crack these hashes offline. They just can't be used in a Pass the Hash style attack.
In the following screenshot, we have the login for LAB1\rred. Again, this is from the user logging into the domain, and the non-replayable NTLMv2 hash is captured again. After both captures, you will notice, a few lines down, that Responder again captures the login, but doesn't repeat it onscreen. It is still logged to the log file as a separate hash. In the log file, you can see when the challenge and response hash changes from the non-replayable changes in the file. The actual password has not changed, but the challenge and response hashes have changed between responses:
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7400)
Grails in Action by Glen Smith Peter Ledbrook(7294)
Kotlin in Action by Dmitry Jemerov(4636)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4128)
The Age of Surveillance Capitalism by Shoshana Zuboff(3420)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3239)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3024)
Mastering Python for Networking and Security by José Manuel Ortega(2945)
Blockchain Basics by Daniel Drescher(2888)
TCP IP by Todd Lammle(2637)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(2578)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2482)
Hands-On Azure for Developers by Kamil Mrzyglod(2408)
React Native - Building Mobile Apps with JavaScript by Novick Vladimir(2337)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(2330)
MCSA Windows Server 2016 Study Guide: Exam 70-740 by William Panek(2309)
The Social Psychology of Inequality by Unknown(2308)
The Art Of Deception by Kevin Mitnick(2297)
Azure Containers Explained by Wesley Haakman & Richard Hooper(2222)