<div>
Are you talking about the admin hash? &nbsp;Easy in XP with Cain, but not possible in Windows 7, 8, or above.
</div>


Are you talking about the admin hash?  Easy in XP with Cain, but not possible in Windows 7, 8, or above.

<div>
yes john. &nbsp;Suppose an organization has a master image on all their PCs with the same admin account. &nbsp;Now suppose that hash for the admin account is compromised. If the computers at the organization is windows 7 and above, will they not be able to pass the hash and move laterally? <br />
Maybe that is why I'm only seeing demos of pth on XP.
</div>


yes john.  Suppose an organization has a master image on all their PCs with the same admin account.  Now suppose that hash for the admin account is compromised. If the computers at the organization is windows 7 and above, will they not be able to pass the hash and move laterally?
Maybe that is why I'm only seeing demos of pth on XP.

<div>
<div class="content wysiwyg-content">
Is Pass the hash susceptible to Windows 7? &nbsp;Did Microsoft harden the Win 7 OS so that it is much more difficult to exploit?<br />
The reason I ask is because I can't seem to successfully PTH using kali Linux against a &nbsp;win 7 machine which is listening on SMB. <br />
Also when I do research on it, all I see are DEMOs against windows XP.
</div>
</div>


Is Pass the hash susceptible to Windows 7?  Did Microsoft harden the Win 7 OS so that it is much more difficult to exploit?
The reason I ask is because I can't seem to successfully PTH using kali Linux against a  win 7 machine which is listening on SMB. 
Also when I do research on it, all I see are DEMOs against windows XP.

Pass-the-hash windows 7

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.