Why Crack When You Can Pass the Hash?

A weakness exists in the design of Windows unsalted password hashing mechanism. The static nature of this password hash provides the means for someone to masquerade as another user if the victim's hash can be obtained. While the concept of passing a Windows password hash has been around for some...
Christopher Hummel
November 3, 2009

All papers are copyrighted. No re-posting of papers is permitted