Praetorian503 Posted February 7, 2013 Report Posted February 7, 2013 Description: The precursor to cracking any password is getting the right hash. In this talk we are going to cover how we discovered that Cain and Able, Creddump, Metasploit and other hash extraction tools regularly yield corrupt hashes that cannot be cracked. We will take a deep dive into password extraction mechanics, the birth of a viral logic flaw that started it all and how to prevent corrupt hashes. At the conclusion of this talk we will release patches that prevent hash corruption in these tools that many security professionals use every day.Ryan Reynolds has been with Crowe for five years and is the Manager responsible for Crowe's Penetration Testing services. Ryan has a wide range of knowledge and experience in system administration and networking to include security applications and controls. He is a technical lead for engagements including application, network and infrastructure penetration testing on both internal and external systems as well as social engineering & physical security assessments.Twitter: @reynoldsrbJonathan Claudius is a Security Researcher at Trustwave. He is a member of Trustwave's SpiderLabs - the advanced security team focused on penetration testing, incident response, and application security. He has ten years of experience in the IT industry with the last eight years specializing in Security. At Trustwave, Jonathan works in the SpiderLabs Research Division where he focuses on vulnerability research, network exploitation and is the creator of the BNAT-Suite. Before joining SpiderLabs, Jonathan ran Trustwave's Global Security Operations Center.Twitter: @claudijdDisclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.Original Source: Source: Stamp Out Hash Corruption! Crack All The Things! Quote
