PaulDotCom mailing list archives

Re: Kerberos/pass-the-hash

From: Michael Salmon <lonestarr13 () gmail com>
Date: Sun, 16 Jun 2013 21:59:38 -0400

Have you seen this article:
http://www.infoworld.com/d/security-central/dont-count-kerberos-thwart-pass-the-hash-attacks-871
It also the end of the article references and links two articles from SANS
Reading Room and the Taming the beast: Assess Kerberos-protected network,
Blackhat presentation.  The info is dated.. from back 2010 or earlier.

This seems interesting too:
https://www.hacking-lab.com/misc/downloads/event_2010/daniel_stirnimann_pass_the_hash_attack.pdf,
a lot of repeated info but there are other references at the end.  It also
has pictures... I like pictures...

There was a more recent Blackhat talk about passing the hash and discusses
Kerberos:
http://media.blackhat.com/bh-us-12/Briefings/Duckwall/BH_US_12_Duckwall_Campbell_Still_Passing_WP.pdf
http://media.blackhat.com/bh-us-12/Briefings/Duckwall/BH_US_12_Duckwall_Campbell_Still_Passing_Slides.pdf
Official blog: http://passing-the-hash.blogspot.com

Hope this is close to what you are looking for.


On Fri, Jun 14, 2013 at 9:51 AM, Chris Campbell <chris () ctcampbell com>wrote:

Hi All,

Can anyone recommend a good quality technical paper on pass-the-hash
attacks in relation to Kerberos?

Cheers.
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Kerberos/pass-the-hash Chris Campbell (Jun 15)
- Re: Kerberos/pass-the-hash Michael Salmon (Jun 17)