Passing the Hash
Windows authentication is vulnerable to replay attacks
Again, this is not news: SMBProxy; ethereal
But historically, it has been inconvenient to take advantage of this fact
So people have underestimated the risk of compromise to local administrator accounts
Wouldn't it be nice to be able to:
Quickly check to see if a given password hash is reused elsewhere?
In the event that it is reused, mount filesystems and run commands?
Why, yes, I think it would...
This page is maintained by Foofus. Please direct comments and questions to
foofus <at> foofus.net.