We help IT Professionals succeed at work.

Pass-the-hash windows 7

trojan81
trojan81 asked
on
Is Pass the hash susceptible to Windows 7?  Did Microsoft harden the Win 7 OS so that it is much more difficult to exploit?
The reason I ask is because I can't seem to successfully PTH using kali Linux against a  win 7 machine which is listening on SMB.
Also when I do research on it, all I see are DEMOs against windows XP.
Comment
Watch Question

JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Are you talking about the admin hash?  Easy in XP with Cain, but not possible in Windows 7, 8, or above.

Author

Commented:
yes john.  Suppose an organization has a master image on all their PCs with the same admin account.  Now suppose that hash for the admin account is compromised. If the computers at the organization is windows 7 and above, will they not be able to pass the hash and move laterally?
Maybe that is why I'm only seeing demos of pth on XP.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018
Commented:
Because Windows 7 is vastly more secure and in particular changed the hash security (precisely because XP was so weak).
Distinguished Expert 2019
Commented:
Surely, win7 is still vulnerable to PtH.
You would need to explain what your KALI does in detail if you want someone to help you understand why it does not work.

If you are hoping to learn about securing your credentials on modern Windows, especially win7, you need to start with pass the pass, not PtH. If you can get at the hash, you usually can get at the plain text password, too. Mimikatz is the tool that makes it possible. Win8.1 and higher have better protection against that. Win7 by default will let local admins get the passwords of any other person logged into that computer, be it before or after their own logon.