Explore credential assessment mapping and privilege escalation at scale in this 56-minute conference talk from Derbycon 2015. Delve into major breaches like Target and Sands Casino, examining critical flaws and missed alarms. Investigate the IT industry's focus on credential theft and Windows password storage. Learn about defensive strategies, including authentication policies and preventing privilege escalation. Gain insights into offensive options and the importance of credential management. Witness a demonstration and understand why certain security measures fail. Discover how to extract hashes, use double hashes, and implement effective authentication policies to enhance your organization's security posture.
Overview
Syllabus
Introduction
Motivation
Major Breaches
Target Breach
Critical Flaw
Missed Alarms
The Biggest Issue
US Senate Report
Summary
Sands Casino
How it happened
No alerts missed
Industry response
Credential theft
IT industry focus
Windows password storage
Minicats
Boring Alternatives
Defending Against This
Hand Diagram
Credentials
Extracting hashes
Using double hashes
A funny Facebook video
Why did this fail
Force Guest
Authentication
Remote Desktop
Demo
Prevent Privilege Escalation
Authentication Policies
Offensive Options
Pay attention to credentials
