7 Minute Security

Sep 29, 2023

Today we talk about an awesome path to internal network pentest pwnage using downgraded authentication from a domain controller, a tool called ntlmv1-multi, and a boatload of cloud-cracking power on the cheap from Here are my chicken-scratch notes on how to take the downgraded authentication hash capture (using -I eth0 --lm) and eventually tweeze out the NTLM hash of the domain controller (see for full show notes).