Overview
Explore a 51-minute conference talk from Black Hat USA 2012 on the persistent problem of password hash exploitation in Windows domain authentication. Learn how the Kerberos and NTLM protocols are used for everyday tasks such as checking email, sharing files, and browsing websites. See presenters Alva Duckwall and Christopher Campbell demonstrate enhanced tools that connect to Exchange, MSSQL, SharePoint, and file servers using hashes instead of passwords. Understand what it means when the domain hashes on a domain controller are compromised and how that can lead to widespread data breaches. Gain insight into why this security issue has lasted so long and remains relevant in modern network environments.
Syllabus
Black Hat USA 2012 - Still Passing the Hash 15 Years Later: Using Keys to the Kingdom to Access Data
Taught by
Black Hat