HSC
Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Resources > Lectures > Extract authentication data from Windows memory
Go to: HSC Trainings
Search:  
Version française
   Services   
o Skills & Expertise
o Consulting
o ISO 27001 services
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o ARJEL
o Training courses
o E-learning
   Conferences   
o Agenda
o Past events
o Tutorials
   Resources   
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
   Company   
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
 communication
 
 
o HSC Newsletter
o Press review
o Press releases
o Publications
   Contacts   
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|Extract authentication data from Windows memory  
> Access to the content HTML Beginning of the presentation
PDF PDF version [316Ko KB]  
> Description  
> Context & Dates Talk presented during GS Days, on 4 April 2013.
 
> Author Steeve Barbeau (Steeve.Barbeau@hsc.fr) 
> Type [ French - HTML ]  
> Abstract &
Table of content
Flyleaf
Hervé Schauer Consultants
Sommaire
Introduction
Algorithmes utilisés
Stockage des mots de passe
Stockage des mots de passe
Stockage des mots de passe
Stockage des mots de passe
Processus d'authentification
Processus d'authentification
Processus d'authentification
Processus d'authentification
Extraction en mémoire - Windows NT & Windows 2000
Extraction en mémoire Post Windows XP : Pré-requis
Extraction en mémoire Post Windows XP : Pré-requis
Extraction en mémoire Post Windows XP : Pré-requis
Extraction en mémoire Post Windows XP : Extraction des empreintes
Extraction en mémoire Post Windows XP : Extraction des mots de passe
Extraction en mémoire Post Windows XP : Déchiffrement des données en mémoire
Extraction en mémoire Post Windows XP : Déchiffrement des données en mémoire
Extraction en mémoire Post Windows XP : Déchiffrement des données en mémoire
Outils réalisés : Findpass
Outils réalisés : Scripts Python
Outils réalisés : Sessiondump
Outils réalisés : Sessiondump
Outils réalisés : Sessiondump
Scénario d'attaque
Recommandations
Conclusion
Questions  
> Related documents
themeAuthentication
[Presentation]  DNS Finger - Sharing identity via the DNS [7 June 2012 - French]
[Presentation]  Dumping Windows password hashes [10 May 2011 - French]
[Presentation]  Workstation Security [29 March 2007 - French]
[Presentation]  Identity Management [17 December 2004 - French]
[Tip]  PFS property in key interchange protocoles [17 October 2003 - ]
[Tip]  MD5 signatures in TCP [14 August 2003 - ]
[Tip]  HTTP/HTTPS authentication methods [10 March 2003 - French]
[Presentation]  802.11b Wireless Networks Security and Authentication [9 July 2002 - French]
[Presentation]  Managing Wireless Networks in the Enterprise [27 June 2002 - English]
[Tip]  X509 certificats revocation [14 June 2002 - French]
[Article]  Authentication [20 September 2000 - French]
[Presentation]  Tokens : end of the password ? [8 February 1994 - French]
themePasswords
[Presentation]  Dumping Windows password hashes [10 May 2011 - French]
[Presentation]  Rainbow Tables and accents characters on Windows [31 May 2007 - French]
[Tip]  HTTP/HTTPS authentication methods [10 March 2003 - French]
[Article]  Methods for cracking and strengthening passwords - Second part : UNIX [February 2003 - French]
[Article]  Methods for cracking and strengthening passwords - First part : Windows [April 2002 - French]
[Presentation]  Methods for cracking and strengthening passwords [24 May 2000 - French]
[Presentation]  Methods for cracking and strengthening passwords [24 November 1999 - French]
[Presentation]  Cracking Windows NT passwords [8 February 1999 - French]
[Presentation]  Tokens : end of the password ? [8 February 1994 - French]
themeMicrosoft
[Presentation]  Analysis of the encryption structures provided by BitLocker [3 April 2012 - French]
[Presentation]  Workstation Security [29 March 2007 - French]
[Presentation]  Security and public utilities - interest and set up of free software [19 September 2002 - French]
[Techno-watch]  CanSecWest 2002 Conference [4 May 2002 - French]
[Presentation]  Microsoft & Security: Beware Danger [13 March 2001 - French]
[Techno-watch]  Intranet by Microsoft [14 October 1996 - French]
themeSingle Sign-On
[Presentation]  Identity Management [17 December 2004 - French]
[Article]  Authentication [20 September 2000 - French]
[Techno-watch]  SSO conference at the Clusif [10 May 2000 - French]
themeWindows
[Course]  Windows Security
[Course]  Securing Windows - SANS SEC505
[Presentation]  Skyrack, rop for masses [17 June 2011 - English]
[Presentation]  Dumping Windows password hashes [10 May 2011 - French]
[Tool]  SSToPer tool [A Linux implementation for SSTP client - English]
[Presentation]  Rainbow Tables and accents characters on Windows [31 May 2007 - French]
[Presentation]  Workstation Security [29 March 2007 - French]
[Tip]  Presentation of Alternates Data Stream (ADS) of NTFS [28 October 2005 - French]
[Presentation]  MSRPC NULL sessions - exploitation and protection [29 June 2005 - English]
[Tip]  Windows remote administration tools overview [15 June 2005 - English]
[Article]  Windows log files [6 June 2005 - English]
[Presentation]  Active Directory network protocols and traffic [4 May 2005 - English]
[Tip]  Minimizing Windows Server 2003 network services [6 April 2005 - English]
[Presentation]  Running with least privilege on Windows systems [7 February 2005 - French]
[Presentation]  SSLtunnel for Windows [22 September 2004 - French]
[Presentation]  Active Directory network protocols and traffic [13 September 2004 - French]
[Presentation]  Windows network services [13 January 2004 - French]
[Presentation]  Windows network services internals - HiverCon 03 [6 November 2003 - English]
[Article]  Windows network services internals [22 October 2003 - English]
[Presentation]  Windows network services for Samba folks [14 April 2003 - English]
[Article]  Security model of Windows systems [14 October 2002 - French]
[Tip]  Minimization of network services on Windows systems [2 September 2002 - English]
[Article]  Windows systems network services - Case study with Windows 2000 and Windows XP [6 June 2002 - French]
[Tip]  Minimizing network services on Windows systems [3 June 2002 - French]
[Tip]  Remote administration of Windows systems (Part 2) - rpcclient [18 February 2002 - French]
[Tip]  Remote administration of Windows systems (Part 1) - SSH [19 November 2001 - French]
[Presentation]  IP filtering and IPsec in Windows 2000 [7 September 2001 - French]
[Presentation]  Microsoft & Security: Beware Danger [13 March 2001 - French]
[Presentation]  Windows NT network flows [24 September 1998 - French]
[Article]  NT4 registers related to security [April 1998 - French]
> Copyright © 2013, Hervé Schauer Consultants, all rights reserved.

 

Last modified on 12 April 2013 at 13:23:45 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants