SANS ISC: Pass The Hash SANS ISC InfoSec Forums

Pass The Hash

I've always loved the offensive side of security.  Give me permission and a network to break into and I'm a happy guy.

One of my favorite techniques is the "pass the hash" attack.

Why bother spending precious time cracking a password if you can simply provide the target system with what it's already expecting, a hash?

Recent tool advances make this a much easier attack to perform than it has been in the past, and it is more likely than ever that attackers are using this technique on your systems.

Bashar Ewaida completed a nice Gold paper on the subject in the SANS Reading Room.

If you're not familiar with this technique, the tools that can be used, or how to mitigate the attack, take a look at Bashar's paper.


Christopher Carboni - Handler On Duty


Feb 25th 2010
