Crack Active Directory User NTLM hash
#2
I don't get what your goal is here; any domain admin can change the password of the account, so that is your best option.
You don't need to crack the NTLM hash for most other 'less-ethical' use cases (using a pass-the-hash attack). The NTLM hash can be used to do a lot of things (for example, authenticate on those devices).

Anyway, if you have the current NTLM hash and want to change the password on the AD (and for some reason you are not an admin) use this:
https://blog.stealthbits.com/manipulatin...ChangeNTLM

You can use mimikatz to run the command lsadump::changentlm /server:that.ad.server.of.yours /user:co-worker /old:extracted.ntlm.from.ntds.dit /newpassword:TurboMatt from any connected computer (you can also do the same with DSInternals, which you already used).

But again, this is a weird story considering any administrator can change the account password.

Messages In This Thread
RE: Crack Active Directory User NTLM hash - by DanielG - 01-03-2020, 09:43 AM