getting credentials from a locked windows pc in 12 seconds
play

Getting Credentials from a locked Windows PC in 12 Seconds Joe - PowerPoint PPT Presentation

Mar 08, 2024 •35 likes •225 views

Getting Credentials from a locked Windows PC in 12 Seconds Joe Granneman, MBA, CISSP Principal Consultant About illumination.io Rockford based Cybersecurity Services Penetration Testing HIPAA, PCI, and GLBA Compliance Testing

  1. Getting Credentials from a locked Windows PC in 12 Seconds Joe Granneman, MBA, CISSP – Principal Consultant

  2. About illumination.io ● Rockford based Cybersecurity Services – Penetration Testing – HIPAA, PCI, and GLBA Compliance Testing – Social Engineering Testing – Incident Response – Disaster Recovery Planning – Security Architecture Design – Strategic Information Security Planning – Information Security Program Development

  3. About the Speaker

  4. Your Mission

  5. Your Tools

  6. You Only Need 12 Seconds

  7. So how does this work?

  8. Windows Authentication is a Mess of Old Technology NTLMv1 NTLMv2

  9. What is a LAN Turtle?

  10. The Secret Sauce

  11. LAN Turtle in Action

  12. What did we get? ● Proxy-Auth-NTLMv2-172.16.84.113.txt ● Bob::LAPTOP- GK7EEVOS:1122334455667788:1A6B63055DA390F158E33C470F318 E76:0101000000000000AFD31FB3F133D2014423BC942F310F9C00 0000000200060053004D0042000100160053004D0042002D00540 04F004F004C004B00490054000400120073006D0062002E006C00 6F00630061006C0003002800730065007200760065007200320030 00300033002E0073006D0062002E006C006F00630061006C00050 0120073006D0062002E006C006F00630061006C00080030003000 0000000000000000000000200000ADA2DDBB95B9C6DDDF83211E AC531214D6B257A2FBB5AA90AD99C06E26F168F10A00100000000 00000000000000000000000000009001A0048005400540050002F 00700072006F00780079007300720076000000000000000000

  13. Encryption Methods Matter ● NetNTLMv1 : 27362.0 MH/s ● NetNTLMv2 : 2115.9 MH/s ● NTLM : 64790.0 MH/s ● LANMAN : Instant

  14. GPU Cracking Engaged

  15. How to Defend?

  16. How to Defend? Disable NETBIOS over TCP/IP in DHCP Manager

  17. How to Defend? Disable NetBIOS over TCP/IP in NIC Settings

  18. Don’t Forget the Basics ● Strong passwords still work – 12 characters is the new minimum ● Utilize dual factor auth where possible ● Physical security is still king

  19. Getting Credentials from a locked Windows PC in 12 Seconds Joe Granneman, MBA, CISSP – Principal Consultant

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

UC.yber Meeting 17 Dumping Windows Credentials, Threat Intel, and more If Youre New!

UC.yber Meeting 17 Dumping Windows Credentials, Threat Intel, and more If Youre New!

UC.yber Meeting 17 Dumping Windows Credentials, Threat Intel, and more If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get

487 views • 6 slides
Development of techniques to remove Kerberos credentials from Windows Systems. Nick Offerman

Development of techniques to remove Kerberos credentials from Windows Systems. Nick Offerman

Development of techniques to remove Kerberos credentials from Windows Systems. Nick Offerman Steffan Roobol 04-07-2019 Introduction Figure 1: Kerberos Protocol 2 Problem Figure 1: the LSASS process and Mimikatz. 3 Research Questions

520 views • 27 slides
CREDENTIALS STUDENT RECORD SERVICES TUTORIAL WHAT ARE CREDENTIALS ? 01 credentials ( noun )

CREDENTIALS STUDENT RECORD SERVICES TUTORIAL WHAT ARE CREDENTIALS ? 01 credentials ( noun )

CREDENTIALS STUDENT RECORD SERVICES TUTORIAL WHAT ARE CREDENTIALS ? 01 credentials ( noun ) reference materials used to support applications for employment or graduate study BENEFITS OF CREATING A FILE Compile all of your resources in the Career

677 views • 21 slides
Windows Not just for houses Windows 1-10 Windows Server Essentially a jacked up windows 8 box

Windows Not just for houses Windows 1-10 Windows Server Essentially a jacked up windows 8 box

Windows Not just for houses Windows 1-10 Windows Server Essentially a jacked up windows 8 box - Still GUI based - Still makes no sense - No start menu :( - (Install classic shell)... trust me... Windows Server What can it do? - Email

1.06k views • 37 slides
locked and nearly-locked islands by W. Choi, K.E.J. Olofsson, R. Sweeney, F. Volpe, and M.

locked and nearly-locked islands by W. Choi, K.E.J. Olofsson, R. Sweeney, F. Volpe, and M.

Simulated dynamics and feed-back control of locked and nearly-locked islands by W. Choi, K.E.J. Olofsson, R. Sweeney, F. Volpe, and M. Okabayashi Presented at the APS-DPP Meeting, Savannah, Georgia Nov. 15, 2015 Choi/APS-DPP/Nov. 2015 1

350 views • 18 slides
SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS PREVIOUSLY...

SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS PREVIOUSLY...

Angelo Prado Neal Harris Yoel Gluck SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS PREVIOUSLY... CRIME Target Requirements Presented at Secrets in HTTP TLS compression ekoparty 2012 headers MITM A

553 views • 29 slides
Anonymous Credentials: How to show credentials without compromising privacy Melissa Chase

Anonymous Credentials: How to show credentials without compromising privacy Melissa Chase

Anonymous Credentials: How to show credentials without compromising privacy Melissa Chase Microsoft Research Credentials: Motivation ID cards Sometimes used for other uses E.g. prove youre over 21, or verify your address

659 views • 48 slides
SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA

SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA

Angelo Prado Neal Harris Yoel Gluck SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA Proceed with caution: Review of CRIME Introducing BREACH In the weeds Demo time! Mitigations b r e a c h SSL,

526 views • 40 slides
Security vs Means of Escape Locked out Locked in Origin Fire Consultants, October 9, 2018

Security vs Means of Escape Locked out Locked in Origin Fire Consultants, October 9, 2018

Security vs Means of Escape Locked out Locked in Origin Fire Consultants, October 9, 2018 CONTENTS Introduction Regulatory regime Compliance Schedule Handbook Acceptable Solutions Verification Method Alternative Solutions

593 views • 31 slides
Windows Not Just For Houses Everyone Uses Windows! Versions of Windows 10 There are multiple

Windows Not Just For Houses Everyone Uses Windows! Versions of Windows 10 There are multiple

Windows Not Just For Houses Everyone Uses Windows! Versions of Windows 10 There are multiple different versions of Windows 10 that support different features The version of Windows that we will be using is Enterprise edition This

973 views • 53 slides
THEY KNEW THEY KNOW 2.5 QUINTILLION BYTES OF DATA A DAY (2,500,000,000,000,000,000) 1000

THEY KNEW THEY KNOW 2.5 QUINTILLION BYTES OF DATA A DAY (2,500,000,000,000,000,000) 1000

THEY KNEW THEY KNOW 2.5 QUINTILLION BYTES OF DATA A DAY (2,500,000,000,000,000,000) 1000 seconds = 17 minutes 1M seconds = 12 days 1B seconds = 32 years 1T seconds = 32,000 years 1Q seconds = Metcalfes Law The

416 views • 20 slides
Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8

Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8

Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8 Heap Internals Who Chris Valasek (@nudehaberdasher) Sr. Research Scientist Coverity Tarjei Mandt (@kernelpool) Vulnerability

1.33k views • 91 slides
Neuroethical implications of clinicians attitudes toward the Locked-in Syndrome Personhood and

Neuroethical implications of clinicians attitudes toward the Locked-in Syndrome Personhood and

Neuroethical implications of clinicians attitudes toward the Locked-in Syndrome Personhood and the Locked-In Syndrome Catalan Institution for Research and Advanced Studies 18 November 2016 Barcelona, SPAIN Athena Demertzi, PhD Institut du

576 views • 19 slides
Injec&on locked CW Magnetron RF Power Source for Project

Injec&on locked CW Magnetron RF Power Source for Project

Injec&on locked CW Magnetron RF Power Source for Project X September 11, 2013 Schema&c of Vector Summa&on of Injec&on Locked Magnetrons

321 views • 18 slides
mc-a ISSUED DATE McAlpine Architecture PC (T) E-mail: 34-26 Street 212.366 .0700

mc-a ISSUED DATE McAlpine Architecture PC (T) E-mail: 34-26 Street 212.366 .0700

WINDOWS TO BE REPLACED, APT. 508/509 UPPER SASH OF BATHROOM WINDOW WINDOWS TO BE REPLACED, APT. 508/509 WINDOWS TO BE REPLACED, APT. 508/509 WINDOWS TO BE REPLACED, APT. 508/509 WITH LOUVER IN PLACE OF GLASS FOR A/C mc-a mc-a mc-a mc-a

217 views • 8 slides
Windows NT Security Windows 95, 3.1, 3.11 are basically DOS and they have no security

Windows NT Security Windows 95, 3.1, 3.11 are basically DOS and they have no security

Windows NT Security Windows 95, 3.1, 3.11 are basically DOS and they have no security whatsoever. Windows NT has security features, especially as a computer in a network. Security of Windows NT should be understood correctly. In

592 views • 31 slides
Best Practices for Credentials Wes Smith Assistant Vice President for Workforce Development

Best Practices for Credentials Wes Smith Assistant Vice President for Workforce Development

Best Practices for Credentials Wes Smith Assistant Vice President for Workforce Development wsmith@ccwa.vccs.edu Why are you interested in credentialing? If youre an employer. Maybe youre Hiring certified employees (ex. MT1)

247 views • 11 slides
Your Audience is Here How We Work Audience Built by Data Market Insights Measurable

Your Audience is Here How We Work Audience Built by Data Market Insights Measurable

Agriculture Your Audience is Here How We Work Audience Built by Data Market Insights Measurable Outcomes 2 Randall-Reilly Our data services provide insights to target key prospects and measure the results of your campaign. Our digital

241 views • 22 slides
Next Steps ps Presen sentation tation fo for Preli limin minar ary y Educ ucat atio ion

Next Steps ps Presen sentation tation fo for Preli limin minar ary y Educ ucat atio ion

Next Steps ps Presen sentation tation fo for Preli limin minar ary y Educ ucat atio ion n Speci eciali alist st Cr Credenti ential al Ca Cand ndid idat ates es INTROD TRODUCT UCTION ION You are in the home stretch

484 views • 21 slides
Succ Success ess 2016 2016 Issue Issues What state issues are on voters minds this election?

Succ Success ess 2016 2016 Issue Issues What state issues are on voters minds this election?

Chec Checklist f klist for or Succ Success ess 2016 2016 Issue Issues What state issues are on voters minds this election? ISSUES 2016 Poll Conducted between July 9 and July 18, 2016 ISSUES 2016 Most Important Problem Facing New

515 views • 20 slides
Coordination by Clark County Social Service CCSS staffing provide: Scope of work and contract

Coordination by Clark County Social Service CCSS staffing provide: Scope of work and contract

2 Coordination by Clark County Social Service CCSS staffing provide: Scope of work and contract development Coordination and tracking of outreach activities Connection to coordinated intake Collaboration among contracted providers as needed

149 views • 13 slides
Construction Industry Collaboration: Suicide Prevention in the Workplace

Construction Industry Collaboration: Suicide Prevention in the Workplace

Construction Industry Collaboration: Suicide Prevention in the Workplace http://actionallianceforsuicideprevention.org/resources Crisis Intervention Services Main lines Alcohol and Drug Helpline Suicide Lifeline Military Helpline

273 views • 12 slides
City of Toronto Mobile Crisis Intervention Team Program History of MCIT Current Program 2014

City of Toronto Mobile Crisis Intervention Team Program History of MCIT Current Program 2014

City of Toronto Mobile Crisis Intervention Team Program History of MCIT Current Program 2014 NYGH 2013 MGH 2007 HRH 2006 SRH 2005 SJHC 2000 SMH & TPS Mobile Crisis Intervention Team Partners a mental health registered nurse

403 views • 15 slides
the development of trainees and research NICK HEYWOOD PELVIC FLOOR RESEARCH FELLOW AND GENERAL

the development of trainees and research NICK HEYWOOD PELVIC FLOOR RESEARCH FELLOW AND GENERAL

The importance of NWRC in the development of trainees and research NICK HEYWOOD PELVIC FLOOR RESEARCH FELLOW AND GENERAL SURGICAL TRAINEE CHAIR OF NORTHWEST RESEARCH COLLABORATIVE Curriculum Trainees .. will be expected to be able

579 views • 14 slides

More recommend