PASS-THE-HASH 2: THE ADMIN'S REVENGE

Black Hat USA 2013

Presented by: Chris Campbell, Alva Duckwall (Skip)
Date: Thursday August 01, 2013
Time: 10:15 - 11:15
Location: Roman 4

Some vulnerabilities just can't be patched. Pass-The-Hash attacks against Windows enterprises are still successful and are more popular than ever. Since the PTH-Suite was released at Black Hat last year, Microsoft published their guide for mitigating the attack. Skip and Chris will cover some of the shortcomings in their strategies and offer practical ways to detect and potentially prevent hashes from being passed on your network. Learn how to stop an attacker's lateral movement in your enterprise.

Alva Duckwall

Alva "Skip" Duckwall has been using Linux back before there was a 1.0 kernel and has since moved into the information security arena doing anything from computer/network auditing, to vulnerability assessments and penetration testing. Skip holds the following certs: GSE, CISSP, CISA, and RHCE. Skip currently works for Accuvant Labs doing penetration testing.

Chris Campbell

Chris Campbell (obscuresec) is a security researcher and former operator on the US Army Red Team. He contributes to the PowerSploit project and has presented at BlackHat, Derbycon, BsidesLV, BsidesPR and Shmoocon Firetalks.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats