HolyGhost logoHolyGhost

#windows

4 posts

Analysis

Pass the Hash: Why Stealing the Password Is Optional

In Windows networks an attacker often does not need your password, just its hash. Here is how pass the hash works, why it powers lateral movement, and how to break the chain.

9 min read·#pass-the-hash#active-directory#windows
AnalysisCVE-2017-0144

EternalBlue: The Leaked Exploit That Powered WannaCry

How a flaw in an ageing file sharing protocol, weaponised by a leaked intelligence exploit, spread ransomware across the world in hours. A breakdown of EternalBlue and MS17-010.

8 min read·#eternalblue#smb#windows