Presented at
Black Hat USA 2014,
Aug. 7, 2014, 11:45 a.m.
(60 minutes)
Microsoft Active Directory uses Kerberos to handle authentication requests by default. However, if the domain is compromised, how bad can it really be? With the loss of the right hash, Kerberos can be completely compromised for years after the attacker gained access. Yes, it really is that bad.
In this presentation Skip Duckwall, @passingthehash on twitter and Benjamin Delpy, @gentilkiwi on twitter and the author of Mimikatz, will demonstrate just how thoroughly compromised Kerberos can be under real world conditions.
Prepare to have all your assumptions about Kerberos challenged!
Presenters:
-
Benjamin Delpy
Benjamin Delpy, is a security researcher know as 'gentilkiwi'. Security enthusiast, he publishes tools and articles in order to speak about product weaknesses and to prove some of his ideas. Mimikatz was his first software that reached an international audience. It is now recognized as a Windows security audit tool - http://blog.gentilkiwi.com/mimikatz
-
Alva Duckwall
- Unnamed Startup
Alva "Skip" Duckwall has been using Linux back before there was a 1.0 kernel and has since moved into the information security arena doing anything from computer/network auditing, to vulnerability assessments and penetration testing. Skip holds the following certs (among others) :GSE, CISSP, CISA, and RHCE.
Links:
Similar Presentations: