“Puff, Puff, Pass: Getting the Most Out of Your Hash” An Intro to Linux Post-Exploitation Fun With Windows Hashes

DerbyCon 2.0 - The Reunion

Presented by: Chris Campbell, Alva Duckwall (Skip)
Date: Saturday September 29, 2012
Time: 09:00 - 09:50
Location: Track 1
Track: Break Me

Dude, I got the hash, now what? Interact with Microsoft services, file shares, databases, and execute commands on Windows servers with password hashes. Skip and Chris will demonstrate the usage of various Linux tools that take hashes and the fun that can be had with hashes post-exploitation.

Alva Duckwall

spoke at defcon 19 /blackhat USA 2012; performs full scope pen tests @passingthehash

Chris Campbell

spoke at Bsides LV 2012 / blackhat USA 2012; performs full scope pen tests @obscuresec