Lunch Break
Module 5: What motivates hackers?
Module 6: Pass the Hash
Module 7: Windows Security Capabilities and Tools
Module Insights
Explore the major threat posed by pass-the-hash and the mitigation options available.
Pass the Hash
Every time you connect to the internet, you have instant and direct
IP connectivity to…
• Internet cafes in vacation spots
• Ideological Movements
• Nation States
• Wonderful Internet Services
• Activities
Pass-the-Hash Definition
[Diagram: Username/Password, Username/Hash, Username/Hash]
Pass-the-Hash Technique
[Diagram: User A/Hash A, User B/Hash B]
Attack Scenario
Attack activities and their descriptions:
• Lateral movement: In this activity, the attacker uses the credentials obtained from a compromised computer to gain access to another computer of the same value to the organization.
• Privilege escalation: In this activity, the attacker uses the credentials obtained from a compromised computer to gain access to another computer of a higher value to the organization.
Typical Pass The Hash Attack
[Diagram tiers: Power: Domain Controllers; Data: Servers and Applications; Access: Users and Workstations]
1. Bad guy targets workstations.
2. User running as local admin compromised, bad guy harvests credentials.
3. Bad guy uses credentials for lateral traversal.
4. Bad guy acquires domain admin credentials and associated privileges – privilege escalation.
5. Bad guy has direct or indirect access to read/write/destroy data and systems in the environment.
DEMO
Windows Credential Editor NTLM Pass-the-Hash
DEMO
Crack the Hash
Why can’t Microsoft release an update to fix it?
Pass the Hash and other credential theft attacks exploit the access that an attacker gains by compromising an account in the local administrators group.
These accounts have complete control over the computer's memory, disks, and processor resources.
Current Guidance
• Highlighted best practices and dispelled urban legends.
Connect with the speakers!
@ErdalOzkaya @MiladPFE
http://erdalozkaya.com/ https://www.facebook.com/milad.aslaner