As much as some of us want open source software to take over the world, the reality is that most businesses run on windows. Corporate intranets run Sharepoint, email is managed by Exchange, and data is stored in MS SQL databases. Microsoft provides a robust suite of tools to access all of this data with lots of pretty GUIs. Accessing corporate data in this environment can be challenging without a username and password.
Chris (@obscuresec) and I talk about a simple yet powerful technique to use password hashes and Microsoft tools to access a client's data from a Windows attack box without the need to join it to the domain.
Join us at Blackhat USA 2012 for our talk "Still Passing the Hash 15 Years Later" on Thursday July 26 at 10:00am!