
Password Hash Sync: Entra ID Security Explained #shorts

BSides Frankfurt · 0:56 · 171 views · Published 2026-04
About this talk
Understand Password Hash Sync: how Active Directory hashes sync to Entra ID and get hashed again with SHA256 and a salt. Learn about MD4 and NTLM hash cracking implications. #PasswordHashSync #EntraID #ActiveDirectory #Cybersecurity #TechExplained
Transcript [en]

Again, this was not the login, right? This was a password reset. So, let's move on to the third and final, uh, method of hybrid, uh, cloud, which is password hash sync. And that starts with the AAD server, which takes all the hashes from Active Directory. Basically, a DCSync. Maybe you've seen that if you're a red teamer. Maybe you've done it if you're a red teamer. This is the legitimate, uh, way of using that. And so it says sure and gives all the passwords, and they are of course encoded with MD4, which apparently isn't good enough for the cloud, so it actually hashes it with SHA-256 and a salt. So, like, if you're dumping hashes in Entra ID, you're not going to get the, like, classic NTLM hashes. You're going to get something else. Um, but still, if you crack that, then you can get that original hash and blah blah blah. So, uh, at this point, Entra ID has all usernames and hashes, right?