Schedule Camp++ 0x7e1

A new vector for stealing NTLM hashes - how Windows is giving out your hashes since XP.

During one of our IT security investigation we have observed an undocumented Windows feature which leaks much valued hashes from the system. No complicated exploitation is needed to play the trick we will present and it can drastically speed up owning all the users in the systems and reaching to domain administration privileges.

Info

Day: 2017-07-07
Start time: 18:10
Duration: 00:40
Room: Klapka
Track: /r/netsec

Links:

• iCalendar
• This talk at BSidesBud 2017
• This talk at hack.lu 2016

Files

• Latest version of the talk, but for Camp++ we would update it with more demo, less talk.