This presentation will provide an overview of common methods that can be used to obtain clear text credentials from Microsoft products such as Windows, IIS, and SQL Server. The discussion will focus on intended functionality that can be used for good or malicious purposes. As part the presentation proof of concept scripts written in Powershell and Metasploit will be released to help illustrate the techniques. The content will be semi-technical, and should be interesting to penetration testers, developers, and system administrators trying to gain a better understanding of the value and limitations of the methods commonly used to protect passwords in Windows environments.
- Microsoft's password protective controls have value and limitations.
- Methods for extracting passwords from Microsoft Technologies are well known.
- Excessive privileges are still one of the greatest related issues.
About Scott Sutherland
Scott Sutherland is a security consultant responsible for the development and execution of penetration test services at NetSPI. His role includes researching and developing tools, techniques and methodologies used during network and application penetration tests. As an active participant in the information security community, Sutherland performs security research in his free time and contributes technical security blog posts, presentations and tools on a regular basis through NetSPI. You can find him blogging on the NetSPI website and on Twitter.
About Antti Rantasaari
Antti is a security consultant currently responsible for the development, and execution of penetration test services at NetSPI. This role includes researching and developing tools, techniques, and methodologies used during network and application penetration tests.