Presented at DEF CON 20 (2012)
July 29, 2012, 3 p.m.
Their systems were fully patched, their security team watching, and the amateur pentesters just delivered their "compliant" report. They thought their Windows domain was secure. They thought wrong.
Zack Fasel (played by none other than Angelina Jolie) brings a New Tool along with New methods to obtain Windows Integrated Authentication network requests and perform NTLM relaying both internally and externally. The Goal? Start off as a nobody and get domain admin (or sensitive data/access) in 60 seconds or less on a fully patched and typically secured windows environment. The Grand Finale? Zack demonstrates the ability to *externally* gain access to a Windows domain user's exchange account simply by sending them an email along with tips on how to prevent yourself from these attacks.
In just one click of a link, one view of an email, or one wrong web request, this new toolset steals the identity of targeted users and leverages their access. Call your domain admins, hide your road warriors, and warn your internal users. Zack will change the way you think about Windows Active Directory Security and trust relationships driving you to further harden your systems and help you sleep at night.
Owned in 60 Seconds. Coming This Summer.
Zack Fasel is a seasoned Penetration Tester and Security Consultant with diverse experience serving clients ranging in Fortune 1000s, Enterprises, and SMBs in varying industries. He has delivered hundreds of network, wireless, and social penetration tests and subsequently driven strong defensive remediation strategies as a result. Zack tries to stay closely connected to the local security community in Chicago as the lead for dc312[.org] and as a Co-Founder of THOTCON[.org], Chicago's local Hacking con. When not focusing his efforts on Infosec, Zack can be found playing the untz untz wubs, taking photos, fending off the ladies, or trying to find the nearest Chipotle. Stalkers can stalk him over at zfasel.com or @zfasel on the twitters.