传递哈希:凭证盗窃和重用的最普遍但被低估的攻击之一

Proceedings of the 18th International Conference on Computer Systems and Technologies Pub Date : 2017-06-23 DOI:10.1145/3134302.3134338

D. Dimov, Yulian Tzonev

{"title":"传递哈希:凭证盗窃和重用的最普遍但被低估的攻击之一","authors":"D. Dimov, Yulian Tzonev","doi":"10.1145/3134302.3134338","DOIUrl":null,"url":null,"abstract":"The aim of this article is to bring some light into the following topics: what is Pass-the-Hash, what is the methodology of such an attack on a Windows based environment and what are the environment prerequisites needed for a successful attack. The report also discusses the methods, techniques and best practices of how and where to organize the defense.","PeriodicalId":131196,"journal":{"name":"Proceedings of the 18th International Conference on Computer Systems and Technologies","volume":"50 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Pass-the-Hash: One of the Most Prevalent Yet Underrated Attacks for Credentials Theft and Reuse\",\"authors\":\"D. Dimov, Yulian Tzonev\",\"doi\":\"10.1145/3134302.3134338\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The aim of this article is to bring some light into the following topics: what is Pass-the-Hash, what is the methodology of such an attack on a Windows based environment and what are the environment prerequisites needed for a successful attack. The report also discusses the methods, techniques and best practices of how and where to organize the defense.\",\"PeriodicalId\":131196,\"journal\":{\"name\":\"Proceedings of the 18th International Conference on Computer Systems and Technologies\",\"volume\":\"50 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-06-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 18th International Conference on Computer Systems and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3134302.3134338\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 18th International Conference on Computer Systems and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3134302.3134338","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

本文的目的是阐明以下主题:什么是Pass-the-Hash，在基于Windows的环境中进行这种攻击的方法是什么，成功攻击所需的环境先决条件是什么。报告还讨论了如何以及在何处组织防御的方法、技术和最佳实践。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Pass-the-Hash: One of the Most Prevalent Yet Underrated Attacks for Credentials Theft and Reuse

The aim of this article is to bring some light into the following topics: what is Pass-the-Hash, what is the methodology of such an attack on a Windows based environment and what are the environment prerequisites needed for a successful attack. The report also discusses the methods, techniques and best practices of how and where to organize the defense.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 18th International Conference on Computer Systems and Technologies

自引率

0.00%

发文量