Windows credential theft: Methods and mitigations

dc.contributor.advisor Pan, Yin en_US
dc.contributor.advisor Yuan, Bo en_US
dc.contributor.advisor Mishra, Sumita en_US
dc.contributor.author Desimone, Joseph
dc.date.accessioned 2012-09-25T18:16:01Z
dc.date.available 2012-09-25T18:16:01Z
dc.date.issued 2012
dc.identifier.uri http://hdl.handle.net/1850/15334
dc.description.abstract Compromising Windows account credentials, especially in a domain environment, is a critical phase in an attack against an organization. This paper will first survey the most common tools and techniques used to uncover usernames and their plaintext credentials in standard red team procedures. These methods are compared against the newly proposed method, which uses low-level hooking in the Local Security Authority Subsystem Service to stealthily compromise plaintext credentials upon login. The latter has many advantages over pre-existing tools designed to capture credentials on Windows-based computers. Finally, mitigation procedures designed to thwart credential theft or limit further domain compromise will be examined.
dc.language.iso en_US
dc.subject None provided en_US
dc.subject.lcc QA79.6.A25 D475 2012
dc.subject.lcsh Microsoft Windows (Computer file)--Security measures
dc.subject.lcsh Computers--Access control
dc.subject.lcsh Computer networks--Security measures
dc.subject.lcsh Computer crimes--Prevention
dc.subject.lcsh Rootkits (Computer software)
dc.title Windows credential theft: Methods and mitigations
dc.type Thesis

Files in this item

Files Size Format View
JDesimoneThesis7-19-2012.pdf 1.172Mb PDF View/Open
