I failed an important interview, but it made me better.
Vložit
- čas přidán 22. 06. 2024
- This is a story about an embarrassingly failed interview that I have had, that shaped my approach to security overall.
Want to Connect?
LinkedIn
/ vankperry
Discord
/ discord
This is an important lesson from your story: the boundary of the candidate's knowledge will be found by a good interviewer. The candidate must get comfortable with finding the knowledge boundary and explaining to the interviewer how they studied it a long time ago, that they simply forgot some aspects while studying other material, that they know where to go to research the topic, that they will research it tonight before sleeping, and so on. Also, mock interviews help a lot to find these cracks and edges. Getting plugged in to a community can help the candidate find a study buddy with which to conduct mock interviews and become accustomed to confronting the boundary of their knowledge set. And expending it.
NTLM was the older hashing algorithm allowing a SSO with LDAP was vulnerable to pass the hash attacks NTLMv2 is most common now I believe, but I’m sure you researched your butt off after that interview, damn man you were close. Thanks for sharing!🎉
Whoa, this was like watching a movie, your storytelling, and the editing really is amazing , you're gonna go viral soon , mark my words.
Also may I know how you generated the AI images with your face on it ? Those look great.
I actually don't know 😅. My editor does it for me. Here is his discord, if you want to reach out and ask.
discord:
skylar_chris
User enters username password
LDAPS forwards the request via plaintext to AD
AD hashes the plaintext (Username and password) and checks the DB for a match.
When the match is found AD sends back the response
LDAPS informs the system of the result.
Correct?
Yep! LDAP can also encrypt the password before sending, allowing AD to decrypt with a corresponding private key