PSExec Metasploit (Lateral Movement Question)

Home Forums PSExec Metasploit (Lateral Movement Question)

This topic contains 0 replies, has 1 voice, and was last updated by  BrianMiz 4 weeks, 1 day ago.

  • Author
    Posts
  • #122347

    BrianMiz
    Member

    So I understand if you are able to obtain the local administrator hash on a computer you can potentially move from machine to machine using pass the hash (I understand pass the hash does not work if LAPS is enforced, Administrator accounts are disabled, etc).

    However, my question is would you still be able to use the PSExec module within Metasploit to pass the hash of a regular **Domain User** (not domain admin) that would normally be able to authenticate to most machines on the network?

    If you are not able to pass the hash of a regular domain user and only can only pass the hash using the local administrator can you pass the hash using a **Domain Admins** account if you were able to pull it from memory?

You must be logged in to reply to this topic.