7MS #526: Tales of Pentest Pwnage - Part 37
7 Minute Security
English - June 24, 2022 13:00 - 34 minutes - 31.8 MB - ★★★★★ - 63 ratingsTechnology News Tech News information security security Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: 7MS #525: First Impressions of InsightIDR - Part 2
Next Episode: 7MS #527: First Impressions of Purple Knight
Today's another fun tale of pentest pwnage - specifically focused on cracking a hash type I'd never paid much attention to before: cached domain credentials. I also learned that you can at least partially protect against this type of hash being captured by checking out this article, which has you set the following setting in GPO:
Under Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > Security Options set Interactive logon: Number of previous logons to cache to 0. Be careful, as you will have login problems if a domain controller is not immediately accessible!In regards to defending against secretsdump, this article I found this article to be super interesting.