Pass-the-Hash II: The Wrath of Hardware (RSA Conference session, slide transcript)

Posted on 12-Mar-2018

#RSAC

Session ID: HTA-R03

Pass-the-Hash II: The Wrath of Hardware

Nathan Ide
Principal Software Engineering Lead, Microsoft, Windows security

Pop Quiz, Hot Shot

Which would you stop:
- Largest bank heist in history
- Theft of customer PII
- Politically-motivated hacking

Good news! You don’t need to choose. All exploit AD Single Sign-On (SSO).

Single-Sign On, Explained

[Diagram: Alice’s Desktop (User: Alice, Password: a1b2c) creates Alice’s User Session (User: Alice, Password hash: C9D…); the File Server then creates its own Alice’s User Session]

1. Alice enters username and password
2. PC creates Alice’s user session
3. PC proves knowledge of Alice’s hash to Server
4. Server creates a session for Alice

Pass-the-Hash Technique

[Diagram: APT-ONE’s path through PTHCorp.com: Recon on Bob@PTHCorp.com, Compromise, Foothold on Bob_Laptop (User: Bob, NT: A3D7…), then Escalate via Alice_PC (User: Alice, NT: 4F3D…) and Carol_Tablet (User: Carol, NT: 238D…). The HR_Vids server ends up with sessions for User: Bob, User: Carol and User: Alice, each opened with a stolen NT hash rather than a password]
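The two slides above describe the same protocol run twice: once by Alice’s PC (steps 1-4), once by APT-ONE with a hash lifted from a compromised machine. The following Python is an added example, not code from the talk: it computes the NT one-way function (MD4 over the UTF-16LE password, inlined because many OpenSSL builds no longer expose MD4 through hashlib), builds an NTLMv2 response in the MS-NLMP shape (timestamp left zero and target info omitted), and verifies it the way a server that stores only hashes would. The FileServer class, its fixed challenge nonce, the PTHCorp.com domain, and Bob’s and Carol’s passwords are constructed for the example; Alice’s password a1b2c is the one on the slide.

```python
"""NTLM single sign-on and pass-the-hash, end to end (added example; constructed data)."""
import hmac
import struct


def _rotl(x: int, n: int) -> int:
    x &= 0xFFFFFFFF
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF


def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320), inlined because hashlib's MD4 depends on an OpenSSL legacy provider."""
    a, b, c, d = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", len(data) * 8)          # 64-bit little-endian bit length
    f = lambda x, y, z: (x & y) | (~x & z)
    g = lambda x, y, z: (x & y) | (x & z) | (y & z)
    h = lambda x, y, z: x ^ y ^ z
    r2 = (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15)
    r3 = (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15)
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        aa, bb, cc, dd = a, b, c, d
        for j in range(16):                                        # round 1
            a = _rotl(a + f(b, c, d) + x[j], (3, 7, 11, 19)[j % 4])
            a, b, c, d = d, a, b, c
        for j, k in enumerate(r2):                                 # round 2
            a = _rotl(a + g(b, c, d) + x[k] + 0x5A827999, (3, 5, 9, 13)[j % 4])
            a, b, c, d = d, a, b, c
        for j, k in enumerate(r3):                                 # round 3
            a = _rotl(a + h(b, c, d) + x[k] + 0x6ED9EBA1, (3, 9, 11, 15)[j % 4])
            a, b, c, d = d, a, b, c
        a, b, c, d = [(v + w) & 0xFFFFFFFF for v, w in ((a, aa), (b, bb), (c, cc), (d, dd))]
    return struct.pack("<4I", a, b, c, d)


def ntowf(password: str) -> bytes:
    """NT one-way function: MD4 of the UTF-16LE password. For NTLM it is password-equivalent."""
    return md4(password.encode("utf-16-le"))


def ntowf_v2(nt_hash: bytes, user: str, domain: str) -> bytes:
    return hmac.new(nt_hash, (user.upper() + domain).encode("utf-16-le"), "md5").digest()


def ntlmv2_response(nt_hash: bytes, user: str, domain: str,
                    server_challenge: bytes, client_challenge: bytes) -> bytes:
    """NtChallengeResponse per MS-NLMP; timestamp kept zero and AV_PAIR target info omitted for brevity."""
    temp = (b"\x01\x01" + b"\x00" * 6   # Responserversion, HiResponserversion, reserved
            + struct.pack("<Q", 0)      # FILETIME timestamp (constructed: zero)
            + client_challenge          # 8-byte client nonce
            + b"\x00" * 4               # reserved
            + b"\x00" * 4)              # AV_PAIR terminator (target info omitted)
    nt_proof = hmac.new(ntowf_v2(nt_hash, user, domain), server_challenge + temp, "md5").digest()
    return nt_proof + temp


class FileServer:
    """The verifier. Like a DC it stores NT hashes, never passwords, and checks proofs against them."""

    def __init__(self, domain: str, accounts: dict):
        self.domain, self.accounts, self.sessions = domain, accounts, []

    def challenge(self) -> bytes:
        return bytes.fromhex("0123456789abcdef")  # constructed fixed nonce; real servers draw a fresh random one

    def authenticate(self, user: str, server_challenge: bytes, response: bytes) -> bool:
        nt_hash = self.accounts.get(user)
        if nt_hash is None or len(response) < 16:
            return False
        expected = hmac.new(ntowf_v2(nt_hash, user, self.domain), server_challenge + response[16:], "md5").digest()
        if not hmac.compare_digest(expected, response[:16]):
            return False
        self.sessions.append(user)   # step 4: server creates a session for the user
        return True


def ntlm_authenticate(server: FileServer, user: str, nt_hash: bytes, client_challenge: bytes) -> bool:
    """Steps 3-4: the client proves knowledge of the hash; the hash itself never crosses the wire."""
    ch = server.challenge()
    return server.authenticate(user, ch, ntlmv2_response(nt_hash, user, server.domain, ch, client_challenge))


def demo() -> dict:
    # Constructed accounts: Alice's password is the slide's; Bob's and Carol's are made up.
    server = FileServer("PTHCorp.com", {"Alice": ntowf("a1b2c"), "Bob": ntowf("Summer2018!"), "Carol": ntowf("c4r0l")})
    nonce = b"\x00" * 8                                                            # constructed client challenge
    alice_logon = ntlm_authenticate(server, "Alice", ntowf("a1b2c"), nonce)        # steps 1-2: PC derives the hash from the typed password
    stolen = ntowf("a1b2c")                                                        # what APT-ONE lifts from Alice_PC
    attacker_pth = ntlm_authenticate(server, "Alice", stolen, b"\x42" * 8)        # same protocol, no password needed
    wrong_hash = ntlm_authenticate(server, "Alice", ntowf("guess"), nonce)
    return {"alice_logon": alice_logon, "attacker_pth": attacker_pth,
            "wrong_hash": wrong_hash, "sessions": list(server.sessions)}


if __name__ == "__main__":
    print(demo())
```

The server cannot tell the two successful runs apart: both are valid NTLMv2 proofs keyed by Alice’s hash, which is why the rest of the talk is about keeping that hash out of reach rather than about the protocol itself.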

The Future! (if you can get there)

- New protocols learn from these attacks
- NAS, printers, software, hardware rely on NTLM & Kerberos
- Security or compatibility, choose one
- Unless …

Bringing new security promises to old protocols

Physical Token Theft

Digital Token Theft

[Diagram: Alice’s Laptop. User: Alice, Password: a1b2c goes into the Local Security Authority (LSASS), which runs NTLM and Kerberos; its Credential Store holds NTOWF: C9DF4E56A2…, a Ticket Granting Ticket and several Service Tickets. Everything in that store is Alice’s “credential footprint”]

Token Theft - Demo

Current Defenses

- Binding to devices with silos/policies: theft still possible on restricted machines
- Reduced credential footprint: SSO means attacker still has something to steal
- Process/Kernel code signing: eliminates polymorphism, but requires A/V signatures

Servicing frequency & definition of “Old”

- Client Devices: Monthly
- Domain Controller: <3 Years
- Servers: 5 Years
- LOB tools, Appliances: >5 Years

[Diagram: DC, Client, Server and NAS, with callouts for OS Patches and ACLs]

New technique

Use hardware virtualization: “Isolated User Mode” (IUM) provides
- Strong isolation boundary
- Strict signing - doesn’t host device drivers
- Building block for all security promises

[Diagram: High Level OS (HLOS) running LSASS; Hypervisor; Isolated User Mode (IUM) running LSAIso]

10,000’ Architecture

Windows 10 has IUM with builtin NTLM and Kerberos support

[Diagram: High Level OS (HLOS): LSASS with NTLM and Kerberos. Hypervisor. Isolated User Mode (IUM): LSAIso with NTLM support, Kerberos support and the IUM secrets, labelled “Clear secrets” and “Boot Persistent”]

IUM login flow

[Diagram: User: Alice, Password: a1b2c enters LSASS (NTLM, Kerberos), which keeps the TGT; across the Hypervisor, IUM (NTLM, Kerberos) keeps NTOWF: C9DF4E56… and the TGT key; the Domain Controller holds NTOWF: C9DF4E56… and the Kerb key; Alice’s User Session then reaches the File server]

IUM - Demo

Cred Theft Law of Physics #1

Credential theft begins with hostile administrator

If user credential comes from keyboard, it’s compromised

[Diagram: the IUM login flow again: User: Alice, Password: a1b2c passes through LSASS (NTLM, Kerberos; TGT) in the HLOS before IUM (NTLM, Kerberos) derives NTOWF: C9DF4E56… and the TGT key, matching the NTOWF and Kerb key held by the Domain Controller]

Strong cred support in NTLM, Kerberos

- Symmetric secret auth used to be “good enough”
- Hardware bound asymmetric auth stops phishing
  - In AD since Win2000
  - Uses PKINIT Kerberos extension
  - Supports Diffie-Hellman key exchange
- But NTLM is a password-based protocol! The DC sends the client the hash, so NTLM SSO keeps working after a smartcard logon

IUM Smartcard integration

[Diagram: PIN: 1234, User: Alice. LSASS (NTLM, Kerberos) in the HLOS holds the TGT; IUM (NTLM, Kerberos) holds the TGT key, NTOWF: C9DF4E56…, the Kerb key and the DH key. IUM sends the PKINIT request to the Domain Controller, which returns the TGT, TGT key and NTOWF; Alice’s User Session then reaches the File server]

Smartcard authentication in IUM - Demo

Cred Theft Law of Physics #2

Costs favor attacker
- Shipping is expensive
- Deploying is expensive

Devices owned by (compromised) HLOS

What forces the Smartcard to use IUM?

Need to bind user accounts to IUM!

[Diagram: PIN: 1234, User: Alice. LSASS (NTLM, Kerberos) in the HLOS and IUM (NTLM, Kerberos) each end up with a DH key and an NTOWF, because nothing stops the compromised HLOS from driving the smartcard itself]

IUM Credential Binding - Demo

Attacking IUM

- Extraction is not the only way to get data
- IUM is an oracle: susceptible to side-channel and brute force attacks
- Must restrict oracle crypto
  - MS-CHAPv2, NTLMv1 blocked
  - Smartcards restricted to DHE exchange
- New trust boundary: firmware, IUM, hardware
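The oracle point deserves a concrete shape. The Python below is an added model written for this page, not Microsoft’s code, of the interface the IUM architecture slides describe: the secret goes in once, the HLOS keeps only a handle, and the only operation is “answer this challenge”. It then shows the two consequences the slide lists: a hostile HLOS administrator cannot read the key but can still make the oracle authenticate to a live server while the user is logged on (theft is prevented, use is not), and a request for an NTLMv1 response to the table-friendly challenge 1122334455667788 is refused by policy. The condensed NTLMv2 proof (HMAC-MD5 keyed by NTOWFv2, blob fields dropped), the class names, the PTHCorp.com domain and Alice’s NT hash are all constructed for the example.

```python
"""Model of the IUM credential oracle and what a hostile HLOS admin can do with it (added example)."""
import hmac
import os

# The talk's "restrict oracle crypto" list: a chosen-challenge caller can recover the key from these responses.
BLOCKED_PROTOCOLS = frozenset({"NTLMv1", "MS-CHAPv2"})
NTLMV1_TABLE_CHALLENGE = bytes.fromhex("1122334455667788")  # fixed challenge that precomputed NTLMv1 tables target


def _ntowf_v2(nt_hash: bytes, user: str, domain: str) -> bytes:
    return hmac.new(nt_hash, (user.upper() + domain).encode("utf-16-le"), "md5").digest()


class IsolatedCredential:
    """Stands in for LSAIso: takes the secret once, then only answers response requests. No getter exists."""

    def __init__(self, user: str, domain: str, nt_hash: bytes):
        self._key = _ntowf_v2(nt_hash, user, domain)  # this model retains only the derived NTLMv2 key

    def respond(self, protocol: str, server_challenge: bytes, client_challenge: bytes) -> bytes:
        if protocol in BLOCKED_PROTOCOLS:
            raise PermissionError(f"{protocol} is disabled inside the isolated store")
        if protocol != "NTLMv2":
            raise ValueError(f"unsupported protocol {protocol!r}")
        # Condensed NTLMv2 proof: HMAC-MD5 keyed by NTOWFv2 over server challenge plus client blob.
        return hmac.new(self._key, server_challenge + client_challenge, "md5").digest()


class Lsass:
    """HLOS side. After logon it holds one handle per user; that handle is all a dump of LSASS would yield."""

    def __init__(self):
        self.handles = {}

    def logon(self, user: str, domain: str, nt_hash: bytes) -> None:
        self.handles[user] = IsolatedCredential(user, domain, nt_hash)


class FileServer:
    """Verifier holding NT hashes, as a DC would (constructed stand-in)."""

    def __init__(self, domain: str, accounts: dict):
        self._keys = {u: _ntowf_v2(h, u, domain) for u, h in accounts.items()}

    def challenge(self) -> bytes:
        return os.urandom(8)

    def verify(self, user: str, server_challenge: bytes, client_challenge: bytes, proof: bytes) -> bool:
        expected = hmac.new(self._keys[user], server_challenge + client_challenge, "md5").digest()
        return hmac.compare_digest(expected, proof)


def attacker_uses_oracle(lsass: Lsass, server: FileServer, user: str) -> bool:
    """Hostile admin on the HLOS: cannot read the hash, but can have the oracle answer a live challenge."""
    ch, cc = server.challenge(), os.urandom(8)
    return server.verify(user, ch, cc, lsass.handles[user].respond("NTLMv2", ch, cc))


def attacker_downgrades(lsass: Lsass, user: str) -> str:
    """Same attacker asks for an NTLMv1 response to the table-friendly challenge; policy must refuse."""
    try:
        lsass.handles[user].respond("NTLMv1", NTLMV1_TABLE_CHALLENGE, b"")
    except PermissionError:
        return "refused"
    return "answered"


def demo() -> dict:
    alice_nt = bytes.fromhex("8846f7eaee8fb117ad06bdd830b7586c")  # constructed NT hash (NTOWF of "password")
    server = FileServer("PTHCorp.com", {"Alice": alice_nt})
    lsass = Lsass()
    lsass.logon("Alice", "PTHCorp.com", alice_nt)
    return {
        "oracle_abuse_succeeds": attacker_uses_oracle(lsass, server, "Alice"),  # isolation stops theft, not use
        "ntlmv1_request": attacker_downgrades(lsass, "Alice"),
        "hash_reachable_from_hlos": any(v == alice_nt for v in vars(lsass.handles["Alice"]).values()),
    }


if __name__ == "__main__":
    print(demo())
```

The model enforces nothing by itself (Python has no isolation boundary); its value is the interface: once the only verb is “respond”, the defender’s remaining levers are which protocols the oracle will speak and how long a session stays live, which is exactly what the blocked-protocol list and the binding slides are about.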

Putting it together …

- IUM-bound machine key …
- armors hardware-bound user key …
- retrieves TGT and encrypted NTLM hash …
- decrypted in IUM

NTLM SSO without extractable NTLM hash!

[Diagram: TGT, TGT key and NTOWF held by LSAIso inside Isolated User Mode (IUM)]

Apply

- Hardware-backed credential theft defenses don’t require starting over
- Eliminate weak protocols: MS-CHAPv2, NTLMv1
- Migrate users to hardware credentials
- Update hardware and software specs to IUM-compatible devices

You can try demos at home with the Win10 April preview

Get educated on other Credential Theft mitigations: http://www.microsoft.com/pth
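Both the “Attacking IUM” slide and the “Apply” slide call for eliminating NTLMv1 (and MS-CHAPv2). Before enforcing that with the “Network security: LAN Manager authentication level” policy (LmCompatibilityLevel 5, refuse LM and NTLMv1), you need to know which devices still negotiate NTLMv1; the NAS boxes and printers from the “Future” slide are the usual suspects. The Python below is an added example, not from the talk: it parses Security event 4624 records in the XML form that `Get-WinEvent ... | ForEach-Object { $_.ToXml() }` produces and inventories NTLMv1 logons by source workstation. The five events are constructed samples, as are the host names and addresses; MS-CHAPv2 is authenticated by NPS/RADIUS, so it does not appear in 4624 and is out of scope here.

```python
"""Inventory NTLMv1 logons from Windows Security 4624 events (added example; constructed data)."""
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}


def _event(target, domain, logon_type, auth_pkg, lm_pkg, workstation, ip, when):
    """Builds a constructed 4624 record in the XML shape Get-WinEvent's ToXml() returns."""
    return f"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4624</EventID><TimeCreated SystemTime="{when}"/><Computer>hr-vids.pthcorp.com</Computer></System>
  <EventData>
    <Data Name="TargetUserName">{target}</Data>
    <Data Name="TargetDomainName">{domain}</Data>
    <Data Name="LogonType">{logon_type}</Data>
    <Data Name="AuthenticationPackageName">{auth_pkg}</Data>
    <Data Name="LmPackageName">{lm_pkg}</Data>
    <Data Name="WorkstationName">{workstation}</Data>
    <Data Name="IpAddress">{ip}</Data>
  </EventData>
</Event>"""


SAMPLE_EVENTS = [  # constructed sample telemetry, not real logs
    _event("Alice", "PTHCORP", 3, "NTLM", "NTLM V2", "ALICE_PC", "10.0.0.11", "2018-03-12T09:00:01Z"),
    _event("Bob", "PTHCORP", 3, "NTLM", "NTLM V1", "OLD-NAS", "10.0.0.40", "2018-03-12T09:00:05Z"),
    _event("Carol", "PTHCORP", 2, "Kerberos", "-", "CAROL_TABLET", "-", "2018-03-12T09:00:09Z"),
    _event("svc_backup", "PTHCORP", 3, "NTLM", "NTLM V1", "OLD-NAS", "10.0.0.40", "2018-03-12T09:01:00Z"),
    _event("Bob", "PTHCORP", 3, "NTLM", "NTLM V1", "PRINTER-3F", "10.0.0.77", "2018-03-12T09:02:00Z"),
]


def parse_4624(xml_text: str) -> dict:
    """Flattens EventData Name/value pairs plus EventID and timestamp into one dict."""
    root = ET.fromstring(xml_text)
    fields = {d.get("Name"): (d.text or "") for d in root.findall("./e:EventData/e:Data", NS)}
    fields["EventID"] = root.findtext("./e:System/e:EventID", namespaces=NS)
    fields["TimeCreated"] = root.find("./e:System/e:TimeCreated", NS).get("SystemTime")
    return fields


def is_weak_ntlm(ev: dict) -> bool:
    """LmPackageName records the NTLM flavour actually negotiated; LM and NTLM V1 are what level 5 refuses."""
    return (ev.get("EventID") == "4624"
            and ev.get("AuthenticationPackageName") == "NTLM"
            and ev.get("LmPackageName", "").upper() in {"LM", "NTLM V1"})


def weak_ntlm_findings(events_xml) -> list:
    parsed = (parse_4624(x) for x in events_xml)
    return [ev for ev in parsed if is_weak_ntlm(ev)]


def weak_ntlm_sources(findings) -> Counter:
    """Devices still speaking NTLMv1: the list to upgrade or retire before enforcing NTLMv2-only."""
    return Counter((ev["WorkstationName"], ev["IpAddress"]) for ev in findings)


if __name__ == "__main__":
    found = weak_ntlm_findings(SAMPLE_EVENTS)
    for ev in found:
        print(ev["TimeCreated"], ev["TargetDomainName"] + "\\" + ev["TargetUserName"],
              ev["LmPackageName"], "from", ev["WorkstationName"], ev["IpAddress"])
    print(weak_ntlm_sources(found))
```

Run it over a real export and the Counter is the device list for the “Update hardware and software specs” bullet; once it is empty, raising LmCompatibilityLevel on the domain stops new NTLMv1 requests at the oracle and on the wire.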