Super Sweet Kon-Boot Demo in GIFs
Summary
This article from Black Hills Information Security showcases a demonstration of Kon-Boot, a tool used to bypass Windows and macOS login passwords. The demo, presented in GIFs, illustrates how an adversary can gain access to a locked computer.
IFF Assessment
FOE
Kon-Boot demonstrates a method for bypassing login credentials, which is advantageous for attackers and poses a risk to defenders.
Defender Context
This demonstration highlights a known technique for local privilege escalation by bypassing authentication mechanisms. Defenders should be aware of such tools and ensure robust physical security controls and endpoint detection and response (EDR) solutions are in place to detect or prevent unauthorized access.