KZhead
Ғылым және технология

Pass-the-Hash: How Attackers Spread and How to Stop Them

Mark Russinovich
2024 ж. 22 Мам.
20 543 Рет қаралды
Жүктеу

Pass-the-hash transforms the breach of one machine into total compromise of infrastructure. The publication of attacks and lack of tools to respond have forced enterprises to rely on onerous and ineffective techniques. In this session, we deconstruct the PtH threat, show how the attack is performed, and how it can be addressed using new features and functionality recently introduced in Windows.
Filmed at TechEd 2014

Пікірлер

  • the best thing happened in 2020 is mark made an KZhead channel, lots of respect

    @sami9348@sami93483 жыл бұрын

    • This! :D

      @kochv87@kochv873 жыл бұрын

  • Could listen to mark talk about windows all day thanx mark

    @arjay1337@arjay13373 ай бұрын

  • That linux style reboot attempt at 53:58 😊 These videos are goldmine. After years of business applications programming, my curiosity for low-level coding is rekindled.

    @onuktav@onuktav Жыл бұрын

  • These talks are amazing. Learning so much through them.

    @ryansbr2096@ryansbr2096 Жыл бұрын

  • Really interesting, thanks for sharing! I guess things have changed since 2014 but the essentials are the same.

    @cobealex@cobealex3 жыл бұрын

  • The Sue domain admin thing can be fixed btw muuuch easier: don't use domain admin accounts on any user control workstation, especially not on ones, where users have local admin rights, but even if none of them has (which is how it should be), dont use domain admin accounts on workstations :)

    @Lofote@Lofote Жыл бұрын

  • But why even today mimikatz can still works in window 2016 and later? BTW my friend said if your environment is all domain joined use kerberos authentication ticket.the penetration test using the mimikatz won't work?is that so

    @jerryxie777@jerryxie7773 жыл бұрын

    • why should it not work? there are possibilities to use an isolated kernel (see Sami Laiho videos about that), then it can't work. But if you dont configure it that way, mimikatz doesnt use bugs

      @Lofote@Lofote Жыл бұрын

    • @@Lofote Sure. I know now, first time I know mimikatz is in 2016 from microsoft webcast. then I patch the the update for the company.however it don't work at all. 3 years later I change to another company. then I recommend update to windows 2018 for new security infra to solve this . but failed. all these make me embarrassed😅

      @jerryxie777@jerryxie777 Жыл бұрын

  • the mimikatz "logo" broadcast uncensored like this by these people for this crowd is kinda hilarious

    @peppigue@peppigue Жыл бұрын

  • Helloiamron

    @OwnerenmenGergely@OwnerenmenGergely29 күн бұрын
KZhead