

#Hashtab windows password#
In computer security, pass the hash is a hacking technique that allows an attacker to authenticate to a remote server or service by using the underlying NTLM or LanMan hash of a user's password, instead of requiring the associated plaintext password as is normally the case. It replaces the need to steal the plaintext password with the need to steal only the hash. The attack exploits an implementation weakness in the authentication protocol, where password hashes remain static from session to session until the password is next changed. This technique can be performed against any server or service accepting LM or NTLM authentication, whether it runs on a machine with Windows, Unix, or any other operating system.

On systems or services using NTLM authentication, users' passwords are never sent in cleartext over the wire. Instead, they are provided to the requesting system, such as a domain controller, as a hash in a response to a challenge–response authentication scheme. Native Windows applications ask users for the cleartext password, then call APIs like LsaLogonUser that convert that password to one or two hash values (the LM or NT hashes) and then send those to the remote server during NTLM authentication.

If an attacker has the hashes of a user's password, they do not need the cleartext password; they can simply use the hash to authenticate with a server and impersonate that user. In other words, from an attacker's perspective, hashes are functionally equivalent to the original passwords that they were generated from.

The pass the hash technique was originally published by Paul Ashton in 1997 and consisted of a modified Samba SMB client that accepted user password hashes instead of cleartext passwords.
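The server-side check in the challenge–response scheme described above, as an added example that is not part of the original page: it uses the NTLMv2 form of the computation (HMAC-MD5 keyed by the NT hash), which goes beyond the LM and NT hashes the text names, to show that the stored hash is the only secret input, that the challenge changes per session while the hash does not, and that a password change is what invalidates it. The account name, domain, hash values, challenges and the simplified client blob are constructed assumptions.

```python
import hashlib
import hmac

def ntowf_v2(nt_hash: bytes, user: str, domain: str) -> bytes:
    """NTLMv2 key derivation: keyed by the NT hash, never by the password."""
    identity = (user.upper() + domain).encode("utf-16-le")
    return hmac.new(nt_hash, identity, hashlib.md5).digest()

def nt_proof(nt_hash: bytes, user: str, domain: str,
             server_challenge: bytes, blob: bytes) -> bytes:
    """Proof over the server's challenge plus the client-supplied blob."""
    key = ntowf_v2(nt_hash, user, domain)
    return hmac.new(key, server_challenge + blob, hashlib.md5).digest()

def verify(stored_nt_hash: bytes, user: str, domain: str,
           server_challenge: bytes, response: bytes) -> bool:
    """Server-side check. response = 16-byte proof followed by the blob."""
    proof, blob = response[:16], response[16:]
    expected = nt_proof(stored_nt_hash, user, domain, server_challenge, blob)
    return hmac.compare_digest(proof, expected)

# Constructed sample values, not real credentials or captured traffic.
USER, DOMAIN = "alice", "CORP"
STORED_HASH = bytes.fromhex("00112233445566778899aabbccddeeff")
ROTATED_HASH = bytes.fromhex("ffeeddccbbaa99887766554433221100")
CHALLENGE_1 = bytes.fromhex("0123456789abcdef")
CHALLENGE_2 = bytes.fromhex("fedcba9876543210")
BLOB = b"\x01\x01" + bytes(26)  # simplified stand-in for the client blob

def demo() -> dict:
    # Each response is built from the 16-byte hash value alone.
    r1 = nt_proof(STORED_HASH, USER, DOMAIN, CHALLENGE_1, BLOB) + BLOB
    r2 = nt_proof(STORED_HASH, USER, DOMAIN, CHALLENGE_2, BLOB) + BLOB
    return {
        "session_1": verify(STORED_HASH, USER, DOMAIN, CHALLENGE_1, r1),
        "session_2": verify(STORED_HASH, USER, DOMAIN, CHALLENGE_2, r2),
        "replayed_response": verify(STORED_HASH, USER, DOMAIN, CHALLENGE_2, r1),
        "after_password_change": verify(ROTATED_HASH, USER, DOMAIN, CHALLENGE_1, r1),
    }

if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

The per-session challenge stops a captured response from being replayed, but it does nothing to limit how long the hash itself stays valid; only the password change in the last case does that.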
