7MS #526: Tales of Pentest Pwnage - Part 37 261m53

Today's another fun tale of pentest pwnage - specifically focused on cracking a hash type I'd...

Today's another fun tale of pentest pwnage - specifically focused on cracking a hash type I'd never paid much attention to before: cached domain credentials. I also learned that you can at least partially protect against this type of hash being captured by checking out this article, which has you set the following setting in GPO:
Under Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > Security Options set Interactive logon: Number of previous logons to cache to 0. Be careful, as you will have problems if a domain controller is not immediately accessible!
In regards to defending against secretsdump, this article I found this article to be super interesting.

7MS #527: First Impressions of Purple Knight +1 año 52:48 7MS #528: Securing Your Family During and After a Disaster - Part 6 +1 año 40:57 7MS #529: Interview with Matthew Warner of Blumira +1 año 01:13:53 7MS #530: Tales of Pentest Pwnage - Part 38 +1 año 47:52 7MS #531: Interview with Christopher Fielder and Eugene Grant of Arctic Wolf +1 año 57:26 Ver más en APP Comentarios del episodio 296c42