“Puff, Puff, Pass: Getting the Most Out of Your Hash” An Intro to Linux Post-Exploitation Fun With Windows Hashes

Presented at DerbyCon 2.0 Reunion (2012), Sept. 29, 2012, 9 a.m. (50 minutes)

Dude, I got the hash, now what? Interact with Microsoft services, file shares, databases, and execute commands on Windows servers with password hashes. Skip and Chris will demonstrate the usage of various Linux tools that take hashes and the fun that can be had with hashes post-exploitation.

Presenters:

• Christopher Campbell   as Chris Campbell
  spoke at Bsides LV 2012 / blackhat USA 2012; performs full scope pen tests @obscuresec
• Skip Duckwall
  spoke at defcon 19 /blackhat USA 2012; performs full scope pen tests @passingthehash

Similar Presentations:

• Black Hat USA 2012 / Stamp Out Hash Corruption, Crack All The Things
• DEF CON 20 (2012) / Stamp Out Hash Corruption! Crack All The Things!
• Black Hat USA 2012 / Still Passing the Hash 15 Years Later? Using the Keys to the Kingdom to Access All your Data