Artwork

المحتوى المقدم من Black Hat and Jeff Moss. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Black Hat and Jeff Moss أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
Player FM - تطبيق بودكاست
انتقل إلى وضع عدم الاتصال باستخدام تطبيق Player FM !

Daiji Sanai and Hidenobu Seki: Optimized Attack for NTLM2 Session Response (English)

51:51
 
مشاركة
 

Manage episode 155121171 series 1146743
المحتوى المقدم من Black Hat and Jeff Moss. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Black Hat and Jeff Moss أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
"Windows 2000 SP3 or later and Windows XP now use a new network logon authentication method by default, the NTLM2 Session Response. Employed by Windows 2000, this unproven authentication method is considered to reduce the vulnerability found in network LM and NTLM v1 authentication. In this session, we will describe and demonstrate our audit approach for detecting easy-to-crack passwords from packets traveling on the network in real time. This approach was developed based on our thorough investigation of the characteristics of this NTLM2 Session Response. We will also discuss the possibility of attacks being attempted against Windows XP SP2 and the differences between our approach and the famous rainbow table used for analyzing Windows passwords. Daiji Sanai, President & CEO, SecurityFriday Co., Ltd. Best known as a specialist in the field of personal information security, Daiji Sanai has a long history engaging in a wide variety of activities to address security issues associated with personal information. In 2000, he organized a network security research team, SecurityFriday.com, and has continued his technology research as a leader, focusing on intranet security. In 2001 Daiji Sanai presented ""Promiscuous Node Detection Using ARP Packets"" at the BlackHat Briefings USA in Las Vegas. In 2003, SecurityFriday Co., Ltd. was founded based on his research team, and he was named President and Chief Executive Officer. Hidenobu Seki, aka Urity works as a network security specialist at SecurityFriday Co., Ltd in Japan. He has published many tools, ScoopLM/BeatLM/GetAcct/RpcScan etc. He has been a speaker at the Black Hat Windows Security 2002, 2003 and 2004."
  continue reading

22 حلقات

Artwork
iconمشاركة
 
Manage episode 155121171 series 1146743
المحتوى المقدم من Black Hat and Jeff Moss. يتم تحميل جميع محتويات البودكاست بما في ذلك الحلقات والرسومات وأوصاف البودكاست وتقديمها مباشرة بواسطة Black Hat and Jeff Moss أو شريك منصة البودكاست الخاص بهم. إذا كنت تعتقد أن شخصًا ما يستخدم عملك المحمي بحقوق الطبع والنشر دون إذنك، فيمكنك اتباع العملية الموضحة هنا https://ar.player.fm/legal.
"Windows 2000 SP3 or later and Windows XP now use a new network logon authentication method by default, the NTLM2 Session Response. Employed by Windows 2000, this unproven authentication method is considered to reduce the vulnerability found in network LM and NTLM v1 authentication. In this session, we will describe and demonstrate our audit approach for detecting easy-to-crack passwords from packets traveling on the network in real time. This approach was developed based on our thorough investigation of the characteristics of this NTLM2 Session Response. We will also discuss the possibility of attacks being attempted against Windows XP SP2 and the differences between our approach and the famous rainbow table used for analyzing Windows passwords. Daiji Sanai, President & CEO, SecurityFriday Co., Ltd. Best known as a specialist in the field of personal information security, Daiji Sanai has a long history engaging in a wide variety of activities to address security issues associated with personal information. In 2000, he organized a network security research team, SecurityFriday.com, and has continued his technology research as a leader, focusing on intranet security. In 2001 Daiji Sanai presented ""Promiscuous Node Detection Using ARP Packets"" at the BlackHat Briefings USA in Las Vegas. In 2003, SecurityFriday Co., Ltd. was founded based on his research team, and he was named President and Chief Executive Officer. Hidenobu Seki, aka Urity works as a network security specialist at SecurityFriday Co., Ltd in Japan. He has published many tools, ScoopLM/BeatLM/GetAcct/RpcScan etc. He has been a speaker at the Black Hat Windows Security 2002, 2003 and 2004."
  continue reading

22 حلقات

كل الحلقات

×
 
Loading …

مرحبًا بك في مشغل أف ام!

يقوم برنامج مشغل أف أم بمسح الويب للحصول على بودكاست عالية الجودة لتستمتع بها الآن. إنه أفضل تطبيق بودكاست ويعمل على أجهزة اندرويد والأيفون والويب. قم بالتسجيل لمزامنة الاشتراكات عبر الأجهزة.

 

دليل مرجعي سريع