Friday, April 2, 2010

Pass the Hash with modified SMB Client Vulnerability

A modified SMB client can mount shares on an SMB host by passing the username and corresponding LanMan hash of an account that is authorized to access the host and share. The modified SMB client removes the need for the user to "decrypt" the password hash into its clear-text equivalent.

In order for this to be used in a malicious manner, the attacker must first obtain a valid username and LanMan hash for a user account known to have access permissions to the resource on the remote NT host.

No comments:

Post a Comment

Certified Ethical Hacker Network Security Internet Security Computer Security Wireless Network Security