Pth on systems unable to contact DC and non-domain joined computers

Hello everyone,

Hoping someone could please help me out on two scenarios please.

One: You dump a hash of a domain user, test\Alice, on computer A. You wish to use pass the hash against computer B. Both are domain joined. What happens if:

a. Computer B is no longer able to contact the DC, but test\alice has logged on to the system recently (i.e her credentials are still cached)?

b. As above, but test\alice has never logged on to computer B? I assume this would fail.

Two: Computer A and B exist with a local Administrator on both. Password is the same on both systems. They are not domain joined. You capture the user's hash on Computer A. Is an attacker free to use pth against Computer B with no caveats?


Touch here for the full post on Network Security Noblemen tumblr