DEFCON 20: Owned in 60 Seconds: From Network Guest to Windows Domain Admin

Рет қаралды 361,988

Christiaan008

Күн бұрын

Пікірлер: 87

@Nothy 11 жыл бұрын

owned in 2140 seconds*

@CraZyDjGUY 9 жыл бұрын

add 10 :D

@Dancingmoo88 12 жыл бұрын

Thank You so much for all your hard work posting all these videos. I am learning so much.

@MichaelOfRohan 2 жыл бұрын

It really is a very effective way to engage people in what cyber security, in all its different forms. Even the boring talks are full of relevant information.

@garrysshelton9032 7 жыл бұрын

Back in the early 1990s, I had a stack of Certificates an inch high! Worked for a few Fortune 500 Companies, one in the top TEN! - I went to where my Family has lived for over 200 years, Western NC and Eastern TN - I had to take a job at a Tomato Shed ! Only chance at a decent job, Eastman, and I was turned down for being too old! So much for papers!! Don't waste your money on Papers that becomes worthless within a few years! 'Nuff Said...

@JackassJimbo 11 жыл бұрын

Lol at the escription.. "played by none other than Angelina Jolie" xD

@andreassjoberg3145 5 жыл бұрын

MITM-attacks can be stopped by using the trace-route from client to server as part of a 2-component seed for the random-salt for encrypting the password.

@NinjaPl33z 10 жыл бұрын

thotcon means a completely different thing in baltimreo

@ChRiStIaAn008 12 жыл бұрын

thanks for the suggestion, added the video in an annotation.

@cocosloan3748 7 жыл бұрын

This guy went mad explaining!

@thorlancaster5641 7 жыл бұрын

Yet another reason to not use Windows in a server environment.

@NOCDIB 10 жыл бұрын

Sounds like Erlich Bachman from HBO's Sillicon Valley

@Kyanite. 9 жыл бұрын

You're tripping

@norciafneguncajo 9 жыл бұрын

+NOCDIB Now I'm imaginating him talking, thanks

@MichaelOfRohan 2 жыл бұрын

"Played by no other than angoline jolie' xD

@TheAltF4ToWin 12 жыл бұрын

Turn annotations off?

@hulkingmass 12 жыл бұрын

Cool stuff about authenticating from outside the network. I'm more interested in doing so from a machine on the LAN. He briefly mentioned NBNS and DNS spoofing. Anyone have any ideas/tools that could accomplish this? Also, here's pretty much the same talk that Zack gave at Derbycon, and in this one it sounds like he was able to flesh his cool tool out more and included a nice live demo: (youtube doesn't allow links...just search "derbycon owned in 60 seconds"

@Superzxoz 12 жыл бұрын

Even though its an old question, DNS spoofing can be done with any MITM tool like ettercap or cain

@ianjones7440 8 жыл бұрын

Nigga cains not a man in the middle application

@ChRiStIaAn008 12 жыл бұрын

your welcome, but the credits go out to the DEFCON organisation for releasing the first 4 videos and allowing me to upload it.

@firstnamelastname2298 7 жыл бұрын

That was cool. Unfortunately I have not seen computer running windows for more than 10 years. Everybody uses Linux or Mac.

@jacobhansfield9914 8 жыл бұрын

Says 60 seconds, is over 35 mins long

@youtube.com-handle 8 жыл бұрын

Owned in 60 Seconds... Owned.... in 60 seconds...

@JamesBalazs 8 жыл бұрын

You must be an illiterate if you think that means the video is 60 seconds long.

@paulfears337 6 жыл бұрын

Good talk didn't understand any of it

@Crux161 11 жыл бұрын

I love this talk, literally could not stop laughing at all the vectors... :D

@mattdoesflyfishing 12 жыл бұрын

Thanks for the upload!

@paran315 11 жыл бұрын

I wonder how programmers like this view the world..in my eyes, they are geniuses o.o I don't understand these at all

@TyDie85 8 жыл бұрын

I didn't judge until you said "certs". Do you mean certifications? Or should I not judge because of your lack of breath mints?

@gr3atj0b 8 жыл бұрын

edgy breh

@Walter_ 5 жыл бұрын

Certs are usually web certificates for https.

@icywiener5421 6 жыл бұрын

In Soviet Russia we have CIFS blocked by ISP right after/before client's interface.

@VictorNascimentoo 7 жыл бұрын

"So..." APPLAUSE, DEAD.

@ChRiStIaAn008 12 жыл бұрын

you're welcome, but credits go to the DEFCON organisation :)

@GeekBlogTV 12 жыл бұрын

OP, can you be a little less obtrusive with your youtube-annotation-experience?

@cyclist14 12 жыл бұрын

great video!

@jabbyjojo 8 жыл бұрын

whoa i actually have to know shit this wasnt in the brochure

@tjtube263 10 жыл бұрын

where is this tool available?

@ThePsychoBoiz 10 жыл бұрын

github.com/urbanesec/ZackAttack

@chuckdemus 10 жыл бұрын

if I make a computer from wood, better?

@LYMGC1 11 жыл бұрын

(Fucking windows 8. Get bill gates in here!) :D

@FabianCook 12 жыл бұрын

Bootstrap

@SpAzMaNiK 11 жыл бұрын

Curious, how would one breath through their nose if they are speaking? That seems pretty dumb. However I will say this speaker drinking with his mouth next to a mic is moderately annoying.

@f.puttstycker2784 7 жыл бұрын

Can you delete a domaine? Salvaged laptop with software I rally could use. I don't have user passwords. HELP?!?!?!!!!!?

@mjouwbuis 6 жыл бұрын

Become local admin and just log in on the laptop. No need to do anything domain related.

@andreassjoberg3145 5 жыл бұрын

@@mjouwbuis physical acess to a windows laptop: Either DELETE or REPLACE the file where windows stores the encrypted user passwords. Once it is gone, you can log in as administrator with a blank password. Just unplug the drive, put in an external caddy, boot another computer and go and delete the password file. reinsert drive and boot that laptop, and you are admin.

@andreassjoberg3145 5 жыл бұрын

There is a reason most systems nowadays offers to encrypt the entire drive (and the swap partition) per default when installing.....this is about the oldest attack in the history of computer passwords.

@mariobranco123 12 жыл бұрын

Chocolat is not this good =D

@deltahex 11 жыл бұрын

that guy must to be banned for life to lecture. so much confusion that he can confuse a guy who already know all this what to say for a student or an amateur like me. poor students...

@solidtemper4158 11 жыл бұрын

it's not hash - it's cache ID's

@istvanp9760 5 жыл бұрын

no, this is 60 seconds. Explain to you is 35 minutes :)

@majesticwonFine 5 жыл бұрын

@Istvan P Because his slides are outta order... 🤣😅

@TheLoneMaverick 9 жыл бұрын

I really can't stand the way this guy talks.

@boxbox6290 9 жыл бұрын

Ditto a very arrogant guy i know i hate him hes my brother what a complete twat but he is rich now from spam scam

@StratophonicDubstep 9 жыл бұрын

Then sit down :P

@boxbox6290 9 жыл бұрын

Mjinks Dubstep i cant im not rich

@jasonviper8512 9 жыл бұрын

Mjinks Dubstep or squat or kneel or stand on one leg

@WampireDj 9 жыл бұрын

+SC Tech Channel 4.bp.blogspot.com/-zpBHTygdGUE/UIk75tIvqXI/AAAAAAAAEQc/xSpRSSEFtQs/s1600/ok.gif

@mikado_ 8 жыл бұрын

Now that was boring.

@yaacoubi 7 жыл бұрын

Failed in 2150 seconds

@holybird0072 11 жыл бұрын

i did not get it at all

@Anvilshock 7 жыл бұрын

Jesus fucking hell, tone it down with the annotations.

@MagikGimp 9 жыл бұрын

Please! God damn it! I hate this hacker crap!

@MagikGimp 9 жыл бұрын

+James Fox Idiot. You need to go watch more Jurassic Park.

@AveNullusMajestic 9 жыл бұрын

+MagikGimp ...lol! Put that crack-pipe down dude!

@kainhall 9 жыл бұрын

+MagikGimp wow.... first off, learn to spell your fucking name right you 14 year old... no uploaded vids means your a fucking leach. you have NO room to say shit about other peoples videos.... like... DEFCON is a hacker convention.... its comic con for hackers. IF. YOU. DONT. LIKE. HACKERS. DONT. WATCH. DEFCON. VIDEOS. its that fucking simple dude.... and because you told someone to go watch more Jurassic park.... i think the idea of defcon = hacker shit went over your stupid head. now fuck off.

@Unstrict 9 жыл бұрын

+kain hall I agree with most of your comment except for the leech part.

@MagikGimp 9 жыл бұрын

+TurkeyGaming You're also a real turkey...