This is cache of http://feedproxy.google.com/~r/IrongeeksSecuritySite/~3/WiXcZ3wY5Ls/i.php. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.
John Strand - "Advanced Hacking Techniques and Defenses" (and demos of evilgrade/passing the hash/msfpayload) from Louisville Infosec 2008
2008-10-11 16:08:29 by Editor in Irongeek's Security Site
 
John Strand - "Advanced Hacking Techniques and Defenses" (and demos of evilgrade/passing the hash/msfpayload) from Louisville Infosec 2008
John Strand gave this presentation for the Kentuckiana ISSA at the Louisville Infosec 2008 conference. He gives a fascinating talk about why "security in depth" is dead, and lives again. John then goes on to demo Evilgrade, using msfpayload and obscuring it against signature based malware detection, dumping SAM hashes with the Metasploit Meterpreter and using a patched Samba client to pass the hash and compromise a system. I'd like to thank John for letting me record his talk.

 
Tags: john strand, john, louisville infosec, msfpayload, demo evilgrade, defenses, samba client, demos, sam hashes
 
 
 
 
 
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia