Lessons Learned in Password Cracking

In many tests, we end up having to do some kind of password cracking, Kerberoasted hashes, hashes dumped from the SAM or ntds.dit, or some other kind of hash. When cracking, especially when we have a bunch of SPNs or we’ve got the ntds.dit, we aren’t...

Logging Passwords on Linux

Hal Pomeranz tipped me off to a nasty little trick of using Linux’s own auditing features and PAM to grab clear text passwords from users as they use sudo/su on the command line. Linux PAM (Pluggable Authentication Modules) are a flexible method of implementing...