Metasploit PsExec pass the hash attack demonstration: 1.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System 2.Add a new DWORD (32-bit) key named ‘ LocalAccountTokenFilterPolicy’ and set the value to 1 regini HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System LocalAccountTokenFilterPolicy = REG_DWORD 1 C:\Windows\system32>reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 The operation completed successfully. I firstly used existing …