ARTICLE Pass the Hash Toolkit v1.1 released

Sunday 4 November 2007 - 563 read - ( Keywords : Data Sniffer , Enumeration , Pass-The-Hash )

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes

What’s new?:

- Improved support for windows xpsp2 german/french, windows 2003 sp1/sp2, both for IAM.EXE and WHOSTHERE.EXE

- Added to IAM.EXE and WHOSTHERE.EXE the -B switch. If IAM.EXE or WHOSTHERE.EXE is not working in your configuration, please run the tools again specifying -B at the end. The -B option will try to find, using ’heuristics’, the addresses the tools need to do what they do. If you are still having issues, please let me know, I expect people to have issues because the addresses vary from OS version to OS version.


POSTSCRIPTUM

Download and documentation


RELATED ARTICLES

Data Sniffer, Enumeration, Pass-The-Hash,

2 July 2008 : Pass-The-Hash Toolkit v.1.4 released
29 February 2008 : Pass-The-Hash Toolkit v1.3 released
22 January 2008 : Pass-The-Hash Toolkit v1.2 is out
4 November 2007 : Pass the Hash Toolkit v1.1 released