Have you seen this article: http://www.infoworld.com/d/security-central/dont-count-kerberos-thwart-pass-the-hash-attacks-871 It also the end of the article references and links two articles from SANS Reading Room and the Taming the beast: Assess Kerberos-protected network, Blackhat presentation. The info is dated.. from back 2010 or earlier.
This seems interesting too: https://www.hacking-lab.com/misc/downloads/event_2010/daniel_stirnimann_pass_the_hash_attack.pdf, a lot of repeated info but there are other references at the end. It also has pictures... I like pictures... There was a more recent Blackhat talk about passing the hash and discusses Kerberos: http://media.blackhat.com/bh-us-12/Briefings/Duckwall/BH_US_12_Duckwall_Campbell_Still_Passing_WP.pdf http://media.blackhat.com/bh-us-12/Briefings/Duckwall/BH_US_12_Duckwall_Campbell_Still_Passing_Slides.pdf Official blog: http://passing-the-hash.blogspot.com Hope this is close to what you are looking for. On Fri, Jun 14, 2013 at 9:51 AM, Chris Campbell <[email protected]>wrote: > Hi All, > > Can anyone recommend a good quality technical paper on pass-the-hash > attacks in relation to Kerberos? > > Cheers. > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
