Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

The Knowledge Archives
The Knowledge Archives
RSS Links

RSS - Posts
RSS - Comments
Email Subscription

Subscribe to receive notifications of new posts by email.

Email Address:

Join 2,441 other subscribers
Categories
- Active Directory Certificate Services (ADCS) (30)
  - CAPOLICY.INF (2)
  - Certificate Templates (2)
  - Certificates (3)
  - Learning Guide (1)
  - OCSP (13)
  - SHA1 (1)
- Active Directory Domain Services (ADDS) (320)
  - Account Expiration Notification (1)
  - Active Directory Users And Computers (2)
  - Active Directory Web Service (2)
  - AD Queries (30)
  - ADSIEDIT (2)
  - Auditing (11)
  - AuthN (7)
  - Azure AD Connect Health (3)
  - Backup And Restore (7)
  - Confidential (1)
  - Conflicting Objects (1)
  - Data Set (1)
  - DC Locator (8)
  - Deactivate/Defunct (1)
  - Delegation (5)
  - Delegation Of Control (18)
  - Documentation (1)
  - Domain Join (3)
  - DomainPrep (1)
  - Fine Grained Password Policies (12)
  - Forest Recovery (7)
  - ForestPrep (1)
  - FSMO (2)
  - Functional Levels (1)
  - Group Policy Objects (5)
  - Group Policy Preferences (2)
  - Indexing (4)
  - Install From Media (1)
  - KCC (8)
  - Kerberos AuthN (24)
  - Kerberos Constrained Delegation (3)
  - KrbTgt Account (9)
  - Last Logon Information (4)
  - LDAPS (1)
  - LDP (2)
  - Lingering Objects (1)
  - Metadata Cleanup (10)
  - Naming/Limits (1)
  - NTLM AuthN (12)
  - Object Deletion/Restore (13)
  - Password Expiration Notification (7)
  - Passwordless (1)
  - Passwords (14)
  - Performance (1)
  - Promotion/Demotion (17)
  - Ransomware (1)
  - Read-Only Domain Controller (8)
  - Replication (32)
  - RODCPrep (1)
  - Schema (21)
  - Security (18)
  - Selective AuthN (1)
  - Sizing (2)
  - SYSVOL (21)
  - Trusts (7)
  - Updates (1)
  - Upgrade (1)
  - Vulnerability (2)
  - What's New (1)
- Active Directory Federation Services (ADFS) (126)
  - Attribute Store (1)
  - Auditing (1)
  - Auto Certificate Rollover (3)
  - Azure AD / Office 365 (5)
  - Azure AD Connect Health (1)
  - Azure AD MFA Adapter (7)
  - Certificate Based AuthN (2)
  - Certificates (15)
  - Claim Types (5)
  - Claims (5)
  - Claims Based Apps (6)
  - Claims Rule Language (10)
  - Configuration (2)
  - DB On SQL (3)
  - DB On WID (6)
  - Device Registration (2)
  - Endpoints (1)
  - Enterprise PRT (1)
  - Export/Import (2)
  - Farm (3)
  - Federation Metadata (9)
  - Federation Trusts (11)
  - Forms Based AuthN (4)
  - Hardening (1)
  - Home Realm Discovery (HRD) (3)
  - Identity Stores (3)
  - IdP-Initiated (3)
  - JWT Tokens (1)
  - Kerberos Constrained Delegation (1)
  - Migration (5)
  - onload.js (2)
  - Ports (3)
  - Pre-Authentication (1)
  - Proxy Service (5)
  - RelayState (1)
  - SALESFORCE.COM (1)
  - Security Token Service (STS) (16)
  - Security Tokens (5)
  - Service Account (2)
  - Shibboleth (1)
  - StandAlone (2)
  - Tracing (1)
  - Transform Rules (6)
  - Troubleshooting (2)
  - Updates (8)
  - Upgrading (2)
  - Version (1)
  - Web Application Proxy (7)
  - Web Themes (1)
  - What's New (1)
  - Windows Integrated AuthN (5)
  - Workplace Join (2)
- Active Directory Lightweight Directory Services (ADLDS) (7)
  - Data Set (1)
  - Functional Level (1)
  - LDAPS (1)
- Apple (1)
  - iPad (1)
- Batch Script (4)
- Beta/RC Stuff (58)
- Blog (1)
- Blog Post Series (62)
- Certificates (2)
- Cloud Services (3)
- Company/Employer Stuff (13)
- Conferences (37)
- Core Networking Services (12)
  - NTP (6)
- Cyber Attack (1)
- Day-To-Day Stuff (118)
- Design Guides (30)
- Exchange Server (24)
  - OWA (1)
- Field Experiences (10)
- Firewall (1)
- Forefront Identity Manager (FIM) bHold (23)
  - Updates (16)
- Forefront Identity Manager (FIM) Certificate Management (40)
  - Troubleshooting (2)
  - Updates (19)
- Forefront Identity Manager (FIM) PCNS (9)
  - Updates (7)
- Forefront Identity Manager (FIM) Portal (101)
  - Activities (1)
  - Backup/Export (1)
  - Calendar (1)
  - Data Set (1)
  - Logon/Access (1)
  - Mail Template (1)
  - MPR (2)
  - PowerShell (1)
  - RCDC (5)
  - Search Scopes (1)
  - Self Service Password Reset (4)
  - SET (4)
  - Tools (2)
  - Troubleshooting (3)
  - Updates (21)
  - User Verification (1)
  - Workflow (5)
  - Xpath (2)
- Forefront Identity Manager (FIM) Sync (78)
  - Backup/Export (1)
  - Connector/MA (9)
  - CSExport (2)
  - GAL Sync (2)
  - Tools (4)
  - Troubleshooting (1)
  - Updates (23)
- Hardware/Devices (1)
- Identity Lifecycle Manager (ILM) (22)
- Intune (1)
- IT News (22)
- IT Pro Tools (14)
- KB Articles (1)
- Literature (1)
- MCP/MCT (2)
- Microsoft (4)
- Microsoft Authenticator App (3)
- Microsoft Identity Manager (MIM) (11)
  - PCNS (1)
  - Portal (1)
  - Updates (6)
- Migration/Upgrade (11)
  - ADMT (3)
  - PES (3)
- Mobile Devices (2)
- MVP (22)
- Networking (8)
- OCS/Lync Server (4)
- Office (1)
- Office 365 (5)
  - DirSync (2)
  - SSO (3)
  - Troubleshoot (1)
- Outlook.com (1)
- Password-Less (2)
- Personal Stuff (17)
- PowerShell (125)
- SaaS Apps (1)
- Security (8)
- Sharepoint Server (16)
- SQL Server (4)
- Tooling/Scripting (123)
- Uncategorized (8)
- VB Script (7)
- Virtualization (26)
- Windows Azure (2)
- Windows Azure Active Directory (147)
  - App Access Management (1)
  - Azure AD Administrative Units (11)
  - Azure AD Application Proxy Connector (1)
  - Azure AD B2B (1)
  - Azure AD B2C (2)
  - Azure AD Connect (70)
    - Documenter (1)
  - Azure AD Connect Health (6)
  - Azure AD Domain Services (DCaaS) (2)
  - Azure AD Graph (2)
  - Azure AD Identity Protection (3)
  - Azure AD Join (6)
  - Azure AD Password Protection (12)
  - Azure AD PRT (1)
  - Azure AD Sync (8)
  - Branding (1)
  - Certificates (2)
  - Conditional Access (4)
  - Data Set (1)
  - DirSync (3)
  - Microsoft Graph (8)
  - Monitoring/Reporting (1)
  - Multi-Factor AuthN (13)
  - Pass Through Authentication (2)
  - Password Hash Sync (PHS) (1)
  - Passwordless (1)
  - Passwords (11)
  - Portals (2)
  - RBAC (3)
  - Rights Management (1)
  - Self-Service Group Management (1)
  - Self-Service Password Reset (6)
  - SSO (5)
  - Trial (1)
  - Troubleshoot (2)
- Windows Client (68)
  - Apps (1)
  - Event Log (1)
  - Remote Server Administration Tools (3)
  - Security (1)
  - Updates (2)
  - User Rights (1)
  - WH4B (3)
- Windows Server (157)
  - Event Log (1)
  - Remote Server Administration Tools (2)
  - Security (1)
  - Server Core (2)
  - Support (1)
  - System Wide Proxy Settings (2)
  - Updates (5)
  - User Rights (1)
- Yammer (1)
  - DirSync (1)

Archive for the ‘Security’ Category

(2013-07-16) Credential Theft And Reuse – Risks And Mitigations

Posted by Jorge on 2013-07-16

Today I watched a very interesting presentation about “Pass-The-Hash” and other credential theft and reuse scenarios. In addition to the presentation, there is also a document with more detailed info.

–

Presentation: Pass the Hash and Other Credential Theft and Reuse: Preventing Lateral Movement and Privilege Escalation

Document: Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques

–

Information about the tool (Windows Credential Editor, WCE) used:

–

WARNING: DO NOT USE THESE TOOLS IN ANY PRODUCTION ENVIRONMENT! ONLY USE IT IN YOUR ISOLATED TEST ENVIRONMENT AFTER APPROVAL!!!

–

Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————

Posted in Security, Security, Windows Client, Windows Server | 1 Comment »

%d bloggers like this:

Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

For Ad Free Blog

Social Media

Profiles

Statistics

Other Cool Blogs

Interesting Places To Visit

The Knowledge Archives

RSS Links

Email Subscription

Categories

Archive for the ‘Security’ Category

(2013-07-16) Credential Theft And Reuse – Risks And Mitigations

Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

For Ad Free Blog

Social Media

Profiles

Statistics

Other Cool Blogs

Interesting Places To Visit

The Knowledge Archives

RSS Links

Email Subscription

Categories

Archive for the ‘Security’ Category

(2013-07-16) Credential Theft And Reuse – Risks And Mitigations

Share this:

Like this: