See how to access a Windows system without recovering a password, directly using hashes. Learn how to use the pth-winexe tool.
- [Instructor] Gaining access without recovering passwords…from hashes can save a lot of time.…This form of access has been possible…in the Windows environment for many years…and the class of techniques are known as, pass the hash.…Pass the hash can also be used…in some website authentication schemes.…When a user logs into a Windows system,…the operating system will hash their password…and store it in a special memory area…in the operating system,…and will use it subsequently…to authenticate access to network resources.…
This process is managed by…the Local Security Authority Subsystem, or LSASS.…Single sign-on schemes take advantage of this capability…and allow access to resources throughout a session…without requiring reentry of the password.…Gaining access to a system…through the pass the hash technique…requires that the user knows a user ID…and its password hash,…either by intercepting them in network traffic…or by extracting hashes during an attack…using tools such as the Windows Credential Editor.…
These hashes can then be stored…
This course will give prospective ethical hackers a short overview of the tools in Kali Linux. Cybersecurity expert Malcolm Shore shows how to set up a virtual environment for testing, configure Kali Linux, and install toolsets for information gathering, vulnerability assessment, password and hash cracking, and target exploitation.
Because businesses are connected, they are also exposed. Vulnerability testing helps organizations limit that exposure. This course will help you explore the careers, techniques, and tools behind ethical hacking—one of the most competitive and sought-after IT security skills.
- Overview of Metaploit, Maltego, and Wifite
- Setting up a virtual lab with Oracle VM
- Installing virtual machines and appliances
- Exploring the Kali Linux applications
- Gathering information with DMitry and DNSenum
- Conducting a vulnerability assessment
- Installing OpenVAS and Vega
- Testing passwords
- Exploiting targets
Skill Level Beginner
Q: This course was updated on 06/12/2017. What changed?
A: The following topics were updated: setting up a virtual lab, installing appliances, Windows Credential Editor, using John for Windows passwords, pass the hash, using rainbow tables, exploiting with Armitage, pivoting through a network, and getting stealth and persistent access. In addition, a new video was added that shows how to create Trojans with msfvenom.
1. Setting Up the Virtual Lab
Installing virtual machines8m 11s
2. Introducing Kali
3. Information Gathering (Understanding the Target)
4. Vulnerability Analysis
5. Passwords and Hashes
6. Exploiting Targets
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.