Credential Assessment: Mapping Privilege Escalation at Scale - Matt Weeks Derbycon 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Credential Assessment: Mapping Privilege Escalation at Scale
Matt Weeks
Derbycon 2015

In countless intrusions, from large retail giants to oil companies, attackers have progressed from initial access to complete network compromise. In the aftermath, much ink is spilt and products are sold on how the attackers first got a shell and how the malware they used could or could not have been detected, while little attention is given to the credentials they found that turned their access on a single system into thousands more. This process, while critical for offensive operations, is often complex, involving many links in the escalation chain composed of obtaining credentials on system A that grant access to system B and credentials later used on system B that grant further access, etc. We'll show how to identify and combat such credential exposure at scale with the framework we developed. We comprehensively identify exposed credentials and automatically construct the compromise chains to identify maximal access and privileges gained, useful for either offensive or defensive purposes.

Matt Weeks has extensive experience in offensive and defensive information security operations, research, and software development. He is currently the director of root9B's research and development arm. He uncovered numerous vulnerabilities in widely-used software, created a significant portion of the Metasploit framework, spoke at numerous conferences including DEFCON and Black Hat, and broke a cryptosystem based on chaos theory. He runs the site https://scriptjunkie.us/

@scriptjunkie1

Copyright 2016, IronGeek