2010年10月12日Pass-The-Hash toolkit的作者在mailist发布了新版的Pass The Hash Attack tool -- Windows Credentials Editor,简称wce。
单个文件集成了列举、添加、更改credentials的功能,再也不用拖着几个exe和dll文件到处跑了,而且体积仅仅137KB,内网渗透手必备工具.

Windows Credentials Editor v1.0
Supports Windows XP, 2003, Vista, 7 and 2008 (Vista was not actually
tested yet, but it should work).
Windows Credentials Editor (WCE) allows to list logon sessions and add,
change, list and delete associated credentials (ex.: LM/NT hashes). This
can be used, for example, to perform pass-the-hash on Windows and also
obtain NT/LM hashes from memory (from interactive logons, services,
remote desktop connections, etc.) which can be used in further attacks.
You can find it here:
http://www.ampliasecurity.com/research/wce_v1.0.tgz
 

文章如转载,请注明转载自:http://www.5iadmin.com/post/831.html