Tuesday, August 12, 2008

Passing The Dutchie @ Defcon 16

Like many things with this blog, I don't prioritize it above things like hanging out with my girlfriend, going to work, sleeping, breaking my iPhone, losing all my Defcon pictures, etc.

Last weekend was Defcon 16. I had a really great time speaking to a packed house on the death of NTLM. Slides, slide video and source code to Squirtle are now available for your pleasure. I'll be doing some more work and documentation on Squirtle shortly.

A few quick changes were made to the slide deck from what was presented (and the slides on the CD are waaaaaay something different :). Mostly added NTLM Signing as a mitigation and correctly stating that JoMoKun did the Samba Pass-The-Hash modifications. Sorry!

More updates coming.

Thursday, August 07, 2008

NTLM is Dead: Defcon 16


Friday, August 8th @ 2pm. Come learn how to own an enterprise with one XSS!

Slides and other material will be on-line after Defcon. Source code available here