Pass-The-Hash 2: The Admin’s Revenge

Presented at DerbyCon 3.0 All in the Family (2013), Sept. 28, 2013, 9 a.m. (50 minutes)

ome vulnerabilities just can’t be patched. Pass-The-Hash attacks against Windows enterprises are are still successful and are more popular than ever. Since the PTH-Suite was released at BlackHat last year, Microsoft published their guide for mitigating the attack. Skip and Chris will cover some of the short-comings in their strategies and offer practical ways to detect and potentially prevent hashes from being passed on your network. Learn how to stop an attacker’s lateral movement in your enterprise.

Presenters:

• Christopher Campbell   as Chris Campbell
  Co-presented PTH talk last year at Blackhat Also spoke at BsidesLV, Derbycon, Shmoocon & BsidesPR www.obscuresec.com @obscuresec Works for Crucial Security (Harris Corp)
• Skip Duckwall
  Co-presented PTH talk last year at Blackhat Also spoken at Defcon, derbycon passing-the-hash.blogspot.com @passingthehash on twitter Works for Accuvant Labs

Links:

• https://infocon.org/cons/DerbyCon/DerbyCon 3 2013/video/Pass The Hash 2 The Admin S Revenge Skip Duckwall Chris Campbell.mp4

Similar Presentations:

• DEF CON 23 (2015) / Forensic Artifacts From a Pass the Hash Attack
• Black Hat USA 2013 / Pass-the-Hash 2: The Admin's Revenge
• Black Hat USA 2013 / Pass the Hash and Other Credential Theft and Reuse: Mitigating the risk of Lateral Movement and Privilege Escalation