Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
shakna
on June 3, 2019
|
parent
|
context
|
favorite
| on:
Password expiration is dead, long live passwords
If you have the DS-Replication-Get-Changes permission, you can exploit dc-sync through something like mimikatz [0] to grab the password hashes out of Active Directory, so you can run your checks.
[0]
https://github.com/gentilkiwi/mimikatz
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
[0] https://github.com/gentilkiwi/mimikatz