Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

It is Now Much Easier to Steal Login Credentials from a Locked Computer

September 13, 2016

According to a report by ars technica, "Snatching the login credentials of a locked computer just got easier and faster, thanks to a technique that requires only $50 worth of hardware and takes less than 30 seconds to carry out." The hack works by plugging in a USB flash-sized minicomputer into a computer that's logged in and currently locked. In approximately 20 seconds, the user name and logon password hash is captured. The captured authentication hash can then be cracked or downgraded to another hash that can be used to access the system. The hack works by using both the Hak5 Turtle ($50) and USB Armory ($155), both of which are USB-mounted computers that run Linux. Hak5 has some great stuff. My favorite product is the WiFi Pineapple, which essentially impersonates a Wi-Fi network to capture wireless data transmissions.

E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com