Windows credential theft: Methods and mitigations

Title: Windows credential theft: Methods and mitigations
Author: Desimone, Joseph
Abstract: Compromising Windows account credentials, especially in a domain environment, is a critical phase in an attack against an organization. This paper will first survey the most common tools and techniques used to uncover usernames and their plaintext credentials in standard red team procedures. These methods are compared against the new proposed method that uses low-level hooking in the local security authority subsystem service to stealthily compromise plaintext credentials upon login. The latter has many advantages over pre-existing tools designed to capture credentials on Windows-based computers. Finally, mitigation procedures will be examined that are designed to thwart credential theft or limit further domain compromise.
Record URI: http://hdl.handle.net/1850/15334
Date: 2012

Files in this item

File: JDesimoneThesis7-19-2012.pdf
Size: 1.172Mb
Format: PDF
