Stamp Out Hash Corruption, Crack All The Things

Presented at Black Hat USA 2012, July 26, 2012, 2:55 p.m. (20 minutes).

The precursor to cracking any password is getting the right hash. In this talk we are going to cover how we discovered that Cain and Able, Creddump, Metasploit and other hash extraction tools regularly yield corrupt hashes that cannot be cracked. We will take a deep dive into password extraction mechanics, the birth of a viral logic flaw that started it all and how to prevent corrupt hashes. At the conclusion of this talk we will release patches that prevent hash corruption in these tools that many security professionals use every day.


Presenters:

Links:

Similar Presentations: