The article describes how an attacker can use hash injection attacks to access services on systems in a Windows network without knowing the plain text password. The attacker still needs to obtain the password hash from one computer's cached credentials, but he no longer requires the assistance of rainbow tables to crack the password. He can log onto the network with just the hash and a few tools.
- Marcus Murray: Hash injection Attacks in a Windows Network