Invoke-TheHash ~ PowerShell Pass The Hash Utils.

Invoke-TheHash ~ PowerShell Pass The Hash Utils.

Latest Change v1.0 7/3/2017:
+ Added support for longer commands
+-+ Added logic to Invoke-WMIExec and Invoke-SMBExec to split long commands over multiple packets. SMBExec now supports Empire 2.0 launchers.

Invoke-TheHash contains PowerShell functions for performing pass the hash WMI and SMB command execution. WMI and SMB services are accessed through .NET TCPClient connections. Authentication is performed by passing an NTLM hash into the NTLMv2 authentication protocol. Local administrator privilege is not required client-side.

+ Minimum PowerShell 2.0


– Invoke-WMIExec : WMI command execution function.
– Invoke-SMBExec : SMB (PsExec) command execution function supporting SMB1, SMB2, and SMB signing.
– Invoke-TheHash : Function for running Invoke-WMIExec and Invoke-SMBExec against multiple targets.
– ConvertTo-TargetList : Converts Invoke-TheHash output to an array that contains only targets discovered to have Invoke-WMIExec or Invoke-SMBExec access. The output from this function can be fed back into the Targets parameter of Invoke-TheHash.