NTLM
Last updated
Was this helpful?
Last updated
Was this helpful?
Does not currently working against Windows Server 2008 / Windows 7 / Windows Server 2012
This module builds upon the module. Whereby, execution on a remote host will force each user logon session to authenticate to a locally hosted web sever and obtain the users NTLMv1 or NTLMv2 hash.
This modules code is based on a fork of .
For example, assuming the below output. We can see the remote host currently has the users standarduser and srv2019-admin within existing logon sessions. PsMapExec will attempt to obtain each users NTLMv1 or NTLMv2 hash.
Output for NTLM is stored $PWD\PME\NTLM\
SMB
SessionHunter (WMI)
WMI
WinRM
-ShowOutput
N/A
Displays each targets output to the console
-SuccessOnly
N/A
Display only successful results