ABUSING MICROSOFT KERBEROS: SORRY YOU GUYS DON'T GET IT

Black Hat USA 2014

Presented by: Benjamin Delpy, Alva Duckwall (Skip)
Date: Thursday August 07, 2014
Time: 11:45 - 12:45
Location: South Seas CD

Microsoft Active Directory uses Kerberos to handle authentication requests by default. However, if the domain is compromised, how bad can it really be? With the loss of the right hash, Kerberos can be completely compromised for years after the attacker gained access. Yes, it really is that bad.

In this presentation, Skip Duckwall (@passingthehash on Twitter) and Benjamin Delpy (@gentilkiwi on Twitter and the author of Mimikatz) will demonstrate just how thoroughly compromised Kerberos can be under real-world conditions.

Prepare to have all your assumptions about Kerberos challenged!

Alva Duckwall

Alva "Skip" Duckwall has been using Linux since before there was a 1.0 kernel and has since moved into the information security arena, doing anything from computer/network auditing to vulnerability assessments and penetration testing. Skip holds the following certs (among others): GSE, CISSP, CISA, and RHCE.

Benjamin Delpy

Benjamin Delpy is a security researcher known as 'gentilkiwi'. A security enthusiast, he publishes tools and articles in order to speak about product weaknesses and to prove some of his ideas. Mimikatz was his first software that reached an international audience. It is now recognized as a Windows security audit tool - http://blog.gentilkiwi.com/mimikatz

