More info on http://techdays.be.

  • Sapd + Mimikatz
  • [12]
  • Rubberduck – access to your hardware
  • [40]
  • Tenasrv / Network miner + Update effect / ICMPPSPY / 2000 – 2001 appliance served as a proxy for ICMP / sgssymantec / Tracert
  • [20]
  • Freddy / Dac, sddl.
  • BR/BW + Freddy
  • [25] learning, not applying
  • SRP
  • LinkedIn + Kate + Hooks / Too much trust in 1 layer / Warmers + Hooks!
  • [32] Ignoring it
  • Malware
  • [45] Windows Explorer <- has it one click away
  • Explorer.exe [Client]
  • [50-52] Entryttl?
  • Debugger running -> PIPE=W7! / Start W7-CLI -> Kernel debugging / WEB->W7 audiodg.exe, notepad.exe / Symbol Type Viewer

Transcript

  • 1. Hackers (Not) Halted Paula Januszkiewicz CQURE: CEO, Penetration Tester iDesign: Security Architect
  • 2. Contact Paula Januszkiewicz CQURE: CEO, Penetration Tester iDesign: Security Architect paula@cqure.pl | paula@idesign.net http://idesign.net
  • 3. Session Goals: Be familiar with the administrator’s mistakes that are:
  • 4. Agenda Summary 3
  • 5. Agenda Summary 3
  • 6. Misunderstanding Passwords
  • 7. Passwords Never Sleep
  • 8. Ignoring Offline Access
  • 9. Ignoring Access to Your Hardware
  • 10. (Not) Known Data in the Network
  • 11. Monitoring Network Traffic
  • 12. (Not) Too Much Control. Services: When used as a part of software that was not installed in %systemroot% or %programfiles%; Installed in a folder with inappropriate ACLs. Permissions: Should be audited; Should be set up as a part of NTFS, not as a part of shares. BackupRead / BackupWrite: Copy operation that is more important than ACLs; Used by backup software.
  • 13. Why (Not) to Use Granularity?
  • 14. Using Old Technology
  • 15. Old Technology a Little Bit Too… Old
  • 16. 1-Layer Encryption
  • 17. Easy and Useful Encryption
  • 18. Installing Pirated Software & My Small Research: Installation of software is performed on the administrative account
  • 19. Malware Around the Corner
  • 20. What You See Is NOT What You Get
  • 21. Blinded Operating System
  • 22. Too Much Trust in People
  • 23. Too Much Trust… (Not)
  • 24. Lack of Documentation & Training
  • 25. Agenda Summary 3
  • 26. Be Proactive!
  • 27. Areas of Focus
  • 28. Dirty Games: Protection Mechanisms
  • 29. Protected Processes
  • 30. Hooks
  • 31. Hooking