Crack Active Directory User NTLM hash
#7
"My thinking was to crack the old NTLM hash, key it into AD"

I think you can change it back without knowing what the old password was. You can set the old NTLM hash with
lsadump::ChangeNTLM /server:AD.local /user:accountname /old:current.hash /new:hash.you.found.in.old.file
then update those 50 devices then set the new password back.

this way you won't need to run hashcat to find the old password
Reply


Messages In This Thread
RE: Crack Active Directory User NTLM hash - by DanielG - 01-03-2020, 05:19 PM