Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Intercepting pass-the-hash attacks.

21 Apr 2010   #1

Win 7 Ultimate 64-bit. SP1.
Intercepting pass-the-hash attacks.

Limiting who can access highly privileged accounts and where they do can help keep hackers from snatching precious hashes.

Pass-the-hash attacks are among the most difficult assaults to thwart. In these attacks, an intruder -- or an employee performing unauthorized activities -- gains administrative (or root) access to a computer where a user logs on. With that highly elevated access, the intruder can obtain the user's password hash from the machine's memory and log on to other computers as the spoofed user.

Once an outsider obtains elevated access, defending against the pass-the-hash attacks is very difficult. There are even free hacking tools available to aid the process. Even worse, pass-the-hash attacks work against very long passwords, smart cards, and many other logon tokens. There aren't a lot of defenses one can deploy to prevent them, which is why security admins fear them. However, defenses do exist.

Not just a Windows problem
Some people mistakenly believe that only Windows is vulnerable to pass-the-hash attacks. (I'll note that Microsoft is my full-time employer.) However, most of today's popular operating systems perform subject authentication (for example, user, computer, service/daemon) using password hashes. Those hashes sit in the computer's memory on those operating systems as readily as on Windows and can be obtained just as easily, if not more so, if public tools are on hand.
Source -
Intercepting pass-the-hash attacks | Security Central - InfoWorld

My System SpecsSystem Spec


 Intercepting pass-the-hash attacks.

Thread Tools

Similar help and support threads
Thread Forum
HP Hash Request
Hello The server once a week start to making a loud whirling noise - and that hangs up the system. I then reboot to fix. I then contacted HP for help on this VM server. HP tech wants this pasted below and I don't know how to run the 'hash'. Let me know how to go about generating the report,...
T-Mobile is intercepting my data and it's pissing me off
So my DSL went down yesterday and it won't be back up until later today. For the mean time, I decided to tether internet to my laptop using my HTC HD2. It went fine until this morning were I was slapped with this webpage: ...
Chillout Room
Don't count on Kerberos to thwart pass-the-hash attacks
More... Don't count on Kerberos to thwart pass-the-hash attacks | Security Central - InfoWorld
Security News
OEM and Retail hash different?
Hi, I wanted to know if the SHA1 hash will be different for Windows 7 Ultimate GA(retail) and OEM. Any ideas anybody?
General Discussion
Hash help
CRC32 4FBAF4BA MD5 EF7568343E34699D84D1DC51C3EDAFE7 SHA-1 049539998E39E59800B6026094F9049C4CCA2375 Hi all, these are my hashes according to install.wim, these are the zukona leak hashes for the 64 bit ultimate version of 7, well they don't seem to match the hashes on technet,...
General Discussion
7264 X64's hash?
Some people and I downloaded the 7264.0.090622-1900_x64fre_client_en-us_Retail_Ultimate-GRMCULXFRER_EN_DVD.iso file has the hash value like: CRC32: 41FD359B MD5: 9885CB114F2B24C961B154F88E0C858A SHA-1: 5869965BE01C9F38A73CC6410313E245F8C64F3B It seems not correct, any idea?
General Discussion

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 16:01.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App