Artwork

Contenido proporcionado por Black Hat and Jeff Moss. Todo el contenido del podcast, incluidos episodios, gráficos y descripciones de podcast, lo carga y proporciona directamente Black Hat and Jeff Moss o su socio de plataforma de podcast. Si cree que alguien está utilizando su trabajo protegido por derechos de autor sin su permiso, puede seguir el proceso descrito aquí https://es.player.fm/legal.
Player FM : aplicación de podcast
¡Desconecta con la aplicación Player FM !

Daiji Sanai and Hidenobu Seki: Optimized Attack for NTLM2 Session Response (Japanese)

53:03
 
Compartir
 

Manage episode 155121170 series 1146743
Contenido proporcionado por Black Hat and Jeff Moss. Todo el contenido del podcast, incluidos episodios, gráficos y descripciones de podcast, lo carga y proporciona directamente Black Hat and Jeff Moss o su socio de plataforma de podcast. Si cree que alguien está utilizando su trabajo protegido por derechos de autor sin su permiso, puede seguir el proceso descrito aquí https://es.player.fm/legal.
"Windows 2000 SP3 or later and Windows XP now use a new network logon authentication method by default, the NTLM2 Session Response. Employed by Windows 2000, this unproven authentication method is considered to reduce the vulnerability found in network LM and NTLM v1 authentication. In this session, we will describe and demonstrate our audit approach for detecting easy-to-crack passwords from packets traveling on the network in real time. This approach was developed based on our thorough investigation of the characteristics of this NTLM2 Session Response. We will also discuss the possibility of attacks being attempted against Windows XP SP2 and the differences between our approach and the famous rainbow table used for analyzing Windows passwords. Daiji Sanai, President & CEO, SecurityFriday Co., Ltd. Best known as a specialist in the field of personal information security, Daiji Sanai has a long history engaging in a wide variety of activities to address security issues associated with personal information. In 2000, he organized a network security research team, SecurityFriday.com, and has continued his technology research as a leader, focusing on intranet security. In 2001 Daiji Sanai presented ""Promiscuous Node Detection Using ARP Packets"" at the BlackHat Briefings USA in Las Vegas. In 2003, SecurityFriday Co., Ltd. was founded based on his research team, and he was named President and Chief Executive Officer. Hidenobu Seki, aka Urity works as a network security specialist at SecurityFriday Co., Ltd in Japan. He has published many tools, ScoopLM/BeatLM/GetAcct/RpcScan etc. He has been a speaker at the Black Hat Windows Security 2002, 2003 and 2004."
  continue reading

22 episodios

Artwork
iconCompartir
 
Manage episode 155121170 series 1146743
Contenido proporcionado por Black Hat and Jeff Moss. Todo el contenido del podcast, incluidos episodios, gráficos y descripciones de podcast, lo carga y proporciona directamente Black Hat and Jeff Moss o su socio de plataforma de podcast. Si cree que alguien está utilizando su trabajo protegido por derechos de autor sin su permiso, puede seguir el proceso descrito aquí https://es.player.fm/legal.
"Windows 2000 SP3 or later and Windows XP now use a new network logon authentication method by default, the NTLM2 Session Response. Employed by Windows 2000, this unproven authentication method is considered to reduce the vulnerability found in network LM and NTLM v1 authentication. In this session, we will describe and demonstrate our audit approach for detecting easy-to-crack passwords from packets traveling on the network in real time. This approach was developed based on our thorough investigation of the characteristics of this NTLM2 Session Response. We will also discuss the possibility of attacks being attempted against Windows XP SP2 and the differences between our approach and the famous rainbow table used for analyzing Windows passwords. Daiji Sanai, President & CEO, SecurityFriday Co., Ltd. Best known as a specialist in the field of personal information security, Daiji Sanai has a long history engaging in a wide variety of activities to address security issues associated with personal information. In 2000, he organized a network security research team, SecurityFriday.com, and has continued his technology research as a leader, focusing on intranet security. In 2001 Daiji Sanai presented ""Promiscuous Node Detection Using ARP Packets"" at the BlackHat Briefings USA in Las Vegas. In 2003, SecurityFriday Co., Ltd. was founded based on his research team, and he was named President and Chief Executive Officer. Hidenobu Seki, aka Urity works as a network security specialist at SecurityFriday Co., Ltd in Japan. He has published many tools, ScoopLM/BeatLM/GetAcct/RpcScan etc. He has been a speaker at the Black Hat Windows Security 2002, 2003 and 2004."
  continue reading

22 episodios

すべてのエピソード

×
 
Loading …

Bienvenido a Player FM!

Player FM está escaneando la web en busca de podcasts de alta calidad para que los disfrutes en este momento. Es la mejor aplicación de podcast y funciona en Android, iPhone y la web. Regístrate para sincronizar suscripciones a través de dispositivos.

 

Guia de referencia rapida