Exploiting the Netlogon Protocol
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore an attack discovered against the Netlogon Remote Protocol (CVE-2019-1424) in this conference talk from the Hack In The Box Security Conference. Delve into the details of how a man-in-the-middle attacker can exploit this vulnerability to gain privileged remote code execution on domain-joined Windows systems. Learn about the Netlogon protocol, its relationship to NTLM, and previous exploits that abused Netlogon for NTLM relay attacks. Examine the custom cryptographic schemes used by the protocol for user authentication and message protection. Gain insights from Tom Tervoort, a Senior Security Specialist with expertise in network pentesting, cryptographic protocols, and Windows AD security.
Syllabus
#HITBLockdown D2 - Exploiting The Netlogon Protocol - Tom Tervoort
Taught by
Hack In The Box Security Conference
Related Courses
Your IPv6 Default Config Meets FOCA - And Starts to CryWEareTROOPERS via YouTube Lack of Self Isolation - Inside a Container Exploit
Docker via YouTube Wireshark Network Analysis - Network Management Tools
Write your own Operating System via YouTube Preventing Credential Theft Lateral Movement After Initial Compromise
YouTube ARP Spoofing and Poisoning: Understanding Man-in-the-Middle Attacks - Demo
Satish C J via YouTube