getting credentials from a locked windows pc in 12 seconds
play

Getting Credentials from a locked Windows PC in 12 Seconds Joe - PowerPoint PPT Presentation

Mar 08, 2024 •35 likes •225 views

Getting Credentials from a locked Windows PC in 12 Seconds Joe Granneman, MBA, CISSP Principal Consultant About illumination.io Rockford based Cybersecurity Services Penetration Testing HIPAA, PCI, and GLBA Compliance Testing

  1. Getting Credentials from a locked Windows PC in 12 Seconds Joe Granneman, MBA, CISSP – Principal Consultant

  2. About illumination.io ● Rockford based Cybersecurity Services – Penetration Testing – HIPAA, PCI, and GLBA Compliance Testing – Social Engineering Testing – Incident Response – Disaster Recovery Planning – Security Architecture Design – Strategic Information Security Planning – Information Security Program Development

  3. About the Speaker

  4. Your Mission

  5. Your Tools

  6. You Only Need 12 Seconds

  7. So how does this work?

  8. Windows Authentication is a Mess of Old Technology NTLMv1 NTLMv2

  9. What is a LAN Turtle?

  10. The Secret Sauce

  11. LAN Turtle in Action

  12. What did we get? ● Proxy-Auth-NTLMv2-172.16.84.113.txt ● Bob::LAPTOP- GK7EEVOS:1122334455667788:1A6B63055DA390F158E33C470F318 E76:0101000000000000AFD31FB3F133D2014423BC942F310F9C00 0000000200060053004D0042000100160053004D0042002D00540 04F004F004C004B00490054000400120073006D0062002E006C00 6F00630061006C0003002800730065007200760065007200320030 00300033002E0073006D0062002E006C006F00630061006C00050 0120073006D0062002E006C006F00630061006C00080030003000 0000000000000000000000200000ADA2DDBB95B9C6DDDF83211E AC531214D6B257A2FBB5AA90AD99C06E26F168F10A00100000000 00000000000000000000000000009001A0048005400540050002F 00700072006F00780079007300720076000000000000000000

  13. Encryption Methods Matter ● NetNTLMv1 : 27362.0 MH/s ● NetNTLMv2 : 2115.9 MH/s ● NTLM : 64790.0 MH/s ● LANMAN : Instant

  14. GPU Cracking Engaged

  15. How to Defend?

  16. How to Defend? Disable NETBIOS over TCP/IP in DHCP Manager

  17. How to Defend? Disable NetBIOS over TCP/IP in NIC Settings

  18. Don’t Forget the Basics ● Strong passwords still work – 12 characters is the new minimum ● Utilize dual factor auth where possible ● Physical security is still king

  19. Getting Credentials from a locked Windows PC in 12 Seconds Joe Granneman, MBA, CISSP – Principal Consultant

Recommend

UC.yber Meeting 17 Dumping Windows Credentials, Threat Intel, and more If Youre New!

UC.yber Meeting 17 Dumping Windows Credentials, Threat Intel, and more If Youre New!

UC.yber Meeting 17 Dumping Windows Credentials, Threat Intel, and more If Youre New! Join our Slack ucyber.slack.com Follow us on Twitter @UCyb3r and Facebook UC.yber; University of Cincinnati OWASP Chapter Feel free to get

487 views • 6 slides
Development of techniques to remove Kerberos credentials from Windows Systems. Nick Offerman

Development of techniques to remove Kerberos credentials from Windows Systems. Nick Offerman

Development of techniques to remove Kerberos credentials from Windows Systems. Nick Offerman Steffan Roobol 04-07-2019 Introduction Figure 1: Kerberos Protocol 2 Problem Figure 1: the LSASS process and Mimikatz. 3 Research Questions

520 views • 27 slides
CREDENTIALS STUDENT RECORD SERVICES TUTORIAL WHAT ARE CREDENTIALS ? 01 credentials ( noun )

CREDENTIALS STUDENT RECORD SERVICES TUTORIAL WHAT ARE CREDENTIALS ? 01 credentials ( noun )

CREDENTIALS STUDENT RECORD SERVICES TUTORIAL WHAT ARE CREDENTIALS ? 01 credentials ( noun ) reference materials used to support applications for employment or graduate study BENEFITS OF CREATING A FILE Compile all of your resources in the Career

677 views • 21 slides
Windows Not just for houses Windows 1-10 Windows Server Essentially a jacked up windows 8 box

Windows Not just for houses Windows 1-10 Windows Server Essentially a jacked up windows 8 box

Windows Not just for houses Windows 1-10 Windows Server Essentially a jacked up windows 8 box - Still GUI based - Still makes no sense - No start menu :( - (Install classic shell)... trust me... Windows Server What can it do? - Email

1.06k views • 37 slides
locked and nearly-locked islands by W. Choi, K.E.J. Olofsson, R. Sweeney, F. Volpe, and M.

locked and nearly-locked islands by W. Choi, K.E.J. Olofsson, R. Sweeney, F. Volpe, and M.

Simulated dynamics and feed-back control of locked and nearly-locked islands by W. Choi, K.E.J. Olofsson, R. Sweeney, F. Volpe, and M. Okabayashi Presented at the APS-DPP Meeting, Savannah, Georgia Nov. 15, 2015 Choi/APS-DPP/Nov. 2015 1

350 views • 18 slides
SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS PREVIOUSLY...

SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS PREVIOUSLY...

Angelo Prado Neal Harris Yoel Gluck SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS PREVIOUSLY... CRIME Target Requirements Presented at Secrets in HTTP TLS compression ekoparty 2012 headers MITM A

553 views • 29 slides
Anonymous Credentials: How to show credentials without compromising privacy Melissa Chase

Anonymous Credentials: How to show credentials without compromising privacy Melissa Chase

Anonymous Credentials: How to show credentials without compromising privacy Melissa Chase Microsoft Research Credentials: Motivation ID cards Sometimes used for other uses E.g. prove youre over 21, or verify your address

659 views • 48 slides
SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA

SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA

Angelo Prado Neal Harris Yoel Gluck SSL, GONE IN 30 SECONDS b r e a c h A BREACH beyond CRIME SSL, GONE IN 30 SECONDS AGENDA Proceed with caution: Review of CRIME Introducing BREACH In the weeds Demo time! Mitigations b r e a c h SSL,

526 views • 40 slides
Security vs Means of Escape Locked out Locked in Origin Fire Consultants, October 9, 2018

Security vs Means of Escape Locked out Locked in Origin Fire Consultants, October 9, 2018

Security vs Means of Escape Locked out Locked in Origin Fire Consultants, October 9, 2018 CONTENTS Introduction Regulatory regime Compliance Schedule Handbook Acceptable Solutions Verification Method Alternative Solutions

593 views • 31 slides
Windows Not Just For Houses Everyone Uses Windows! Versions of Windows 10 There are multiple

Windows Not Just For Houses Everyone Uses Windows! Versions of Windows 10 There are multiple

Windows Not Just For Houses Everyone Uses Windows! Versions of Windows 10 There are multiple different versions of Windows 10 that support different features The version of Windows that we will be using is Enterprise edition This

973 views • 53 slides
THEY KNEW THEY KNOW 2.5 QUINTILLION BYTES OF DATA A DAY (2,500,000,000,000,000,000) 1000

THEY KNEW THEY KNOW 2.5 QUINTILLION BYTES OF DATA A DAY (2,500,000,000,000,000,000) 1000

THEY KNEW THEY KNOW 2.5 QUINTILLION BYTES OF DATA A DAY (2,500,000,000,000,000,000) 1000 seconds = 17 minutes 1M seconds = 12 days 1B seconds = 32 years 1T seconds = 32,000 years 1Q seconds = Metcalfes Law The

416 views • 20 slides
Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8

Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8

Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8 Heap Internals Who Chris Valasek (@nudehaberdasher) Sr. Research Scientist Coverity Tarjei Mandt (@kernelpool) Vulnerability

1.33k views • 91 slides
Neuroethical implications of clinicians attitudes toward the Locked-in Syndrome Personhood and

Neuroethical implications of clinicians attitudes toward the Locked-in Syndrome Personhood and

Neuroethical implications of clinicians attitudes toward the Locked-in Syndrome Personhood and the Locked-In Syndrome Catalan Institution for Research and Advanced Studies 18 November 2016 Barcelona, SPAIN Athena Demertzi, PhD Institut du

576 views • 19 slides
Injec&on locked CW Magnetron RF Power Source for Project

Injec&on locked CW Magnetron RF Power Source for Project

Injec&on locked CW Magnetron RF Power Source for Project X September 11, 2013 Schema&c of Vector Summa&on of Injec&on Locked Magnetrons

321 views • 18 slides
mc-a ISSUED DATE McAlpine Architecture PC (T) E-mail: 34-26 Street 212.366 .0700

mc-a ISSUED DATE McAlpine Architecture PC (T) E-mail: 34-26 Street 212.366 .0700

WINDOWS TO BE REPLACED, APT. 508/509 UPPER SASH OF BATHROOM WINDOW WINDOWS TO BE REPLACED, APT. 508/509 WINDOWS TO BE REPLACED, APT. 508/509 WINDOWS TO BE REPLACED, APT. 508/509 WITH LOUVER IN PLACE OF GLASS FOR A/C mc-a mc-a mc-a mc-a

217 views • 8 slides
Windows NT Security Windows 95, 3.1, 3.11 are basically DOS and they have no security

Windows NT Security Windows 95, 3.1, 3.11 are basically DOS and they have no security

Windows NT Security Windows 95, 3.1, 3.11 are basically DOS and they have no security whatsoever. Windows NT has security features, especially as a computer in a network. Security of Windows NT should be understood correctly. In

592 views • 31 slides
Roadmap for Section B A Brief History of Windows and Linux Comparing the Windows and Linux kernel

Roadmap for Section B A Brief History of Windows and Linux Comparing the Windows and Linux kernel

Unit OS B: Comparing the Linux and Windows Kernels Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section B A Brief History of Windows and Linux Comparing the Windows and Linux

430 views • 25 slides
Seconds Aim I can measure and record time in seconds. Success Criteria I can measure time

Seconds Aim I can measure and record time in seconds. Success Criteria I can measure time

Seconds Aim I can measure and record time in seconds. Success Criteria I can measure time in seconds. I can record my measurements. Minute Measure How many faces can you draw in one minute? Click the timer for a 1 minute countdown.

449 views • 18 slides
CREDENTIALING AND PRIVILEGING CVOs Credentials Verification Organizations Organization may

CREDENTIALING AND PRIVILEGING CVOs Credentials Verification Organizations Organization may

CREDENTIALING AND PRIVILEGING CVOs Credentials Verification Organizations Organization may elect to rely on a Credentials Verification Organization (CVO) to conduct primary source verification of an applicants credentials. * Prior to

467 views • 21 slides
1. 2. 3. 1. 2. 3. Windows 10 IoT Core Universal Windows Platform (UWP) Microsoft Azure v7

1. 2. 3. 1. 2. 3. Windows 10 IoT Core Universal Windows Platform (UWP) Microsoft Azure v7

1. 2. 3. 1. 2. 3. Windows 10 IoT Core Universal Windows Platform (UWP) Microsoft Azure v7 v8 Windows Embedded Standard One core Multiple SKUs v8. Windows Embedded 1 Windows 10 Windows Embedded Handheld Converged OS kernel Converged

1.08k views • 60 slides
Windows 8/RT and Wine Admittedly not usually ARM-specific Ridiculous Terminology MS

Windows 8/RT and Wine Admittedly not usually ARM-specific Ridiculous Terminology MS

Windows 8/RT and Wine Admittedly not usually ARM-specific Ridiculous Terminology MS introduced a mess of new terms for Windows 8, and I have to go through them so we dont get confused. Windows RT: An edition of Windows 8 that runs on

389 views • 8 slides
26.1 FUNDAMENTAL WINDOWS SECURITY ARCHITECTURE Anyone who wants to understand Windows security

26.1 FUNDAMENTAL WINDOWS SECURITY ARCHITECTURE Anyone who wants to understand Windows security

CHAPTER 26 W INDOWS S ECURITY 26.1 FUNDAMENTAL WINDOWS SECURITY ARCHITECTURE.................. 2 26.2 WINDOWS VULNERABILITIES ................................................. 18 26.3 WINDOWS SECURITY DEFENSES

537 views • 43 slides
Installing and Demonstrating Cantera 1.7 for Windows ChE 641 Combustion Modeling System

Installing and Demonstrating Cantera 1.7 for Windows ChE 641 Combustion Modeling System

Installing and Demonstrating Cantera 1.7 for Windows ChE 641 Combustion Modeling System Requirements A PC running MS Windows 2000, or Windows XP Matlab (6.5, 2007a/b or 2008a/b) Python 2.5 Download the Windows installer from

288 views • 10 slides
The Evaluation of Immigrant Credentials Dietz, Esses, Joshi, Bonnet-Abu Ayyouh Issue: What role

The Evaluation of Immigrant Credentials Dietz, Esses, Joshi, Bonnet-Abu Ayyouh Issue: What role

The Evaluation of Immigrant Credentials Dietz, Esses, Joshi, Bonnet-Abu Ayyouh Issue: What role do three factors play in the evaluation of educational credentials: 1. Immigrant status 2. Accreditation (or not) of foreign credentials 3. Race

547 views • 15 slides

More recommend