Windows Hello for Business Security Analysis and Authentication Protocol Deep Dive - Lecture 10

Windows Hello for Business Security Analysis and Authentication Protocol Deep Dive - Lecture 10

x33fcon via YouTube Direct link

Request PRT for hybrid user

25 of 28

25 of 28

Request PRT for hybrid user

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Windows Hello for Business Security Analysis and Authentication Protocol Deep Dive - Lecture 10

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Windows Hello (for Business)
  3. 3 Windows Hello for Business key points
  4. 4 Windows Hello for Business flavours
  5. 5 Azure AD native WHFB
  6. 6 Azure AD WHFB provisioning - PIN setup
  7. 7 WHFB Provisioning-technical components
  8. 8 WHFB Provisioning token requirements
  9. 9 WHFB provisioning response
  10. 10 Signed assertion with WHFB private key
  11. 11 Analyzing WHFB security
  12. 12 Analyzing key provisioning
  13. 13 Key provisioning flaws
  14. 14 Attack schematics
  15. 15 Get token with SSO data
  16. 16 Provisioning a new WHFB key
  17. 17 WHFB key storage
  18. 18 Registering WHFB keys directly on users
  19. 19 Registering a new WHFB key
  20. 20 Attack method: device code phishing
  21. 21 Alternative scenarios
  22. 22 WHFB Hybrid
  23. 23 WHFB Cloud Kerberos Trust
  24. 24 Lateral movement with WHFB
  25. 25 Request PRT for hybrid user
  26. 26 TGT Upgrade reply
  27. 27 Kerberos Key Trust consequences
  28. 28 Windows Hello for Business - conclusions

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.