John Strand "Advanced Hacking Techniques and Defenses" (and demos of evilgrade/passing the hash/msfpayload) from Louisville Infosec 2008 (Hacking Illustrated Series InfoSec Tutorial Videos)

Help Irongeek.com pay for
bandwidth and research equipment:

Web Hosting By:

Sponsored by:

Vulnerability scanner – Download FREEWARE!

Affiliates:

Irongeek's Featured Links:

IT Security Computer Training Videos

Self Luminous Exit Signs

Web Hosting:
Help Irongeek.com pay for bandwidth and research equipment:

John Strand "Advanced Hacking Techniques and Defenses" (and demos of evilgrade/passing the hash/msfpayload) from Louisville Infosec 2008 (Hacking Illustrated Series InfoSec Tutorial Videos) John Strand - "Advanced Hacking Techniques and Defenses" (and demos of evilgrade/passing the hash/msfpayload) from Louisville Infosec 2008

John Strand gave this presentation for the Kentuckiana ISSA at the Louisville Infosec 2008 conference. He gives a fascinating talk about why "security in depth" is dead, and lives again. John then goes on to demo Evilgrade, using msfpayload and obscuring it against signature based malware detection, dumping SAM hashes with the Metasploit Meterpreter and using a patched Samba client to pass the hash and compromise a system. I'd like to thank John for letting me record his talk.

Advanced Hacking Techniques & Defenses

Printable version of this article

blog comments powered by Disqus

Ten most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.