Browsed by
Tag: Lateral Movement

What is a Silver Ticket Attack?

What is a Silver Ticket Attack?

Silver Ticket Attack Threat Overview:Forged Service Tickets Silver Tickets enable an attacker to create forged service tickets (TGS tickets) that are used to access compromised service accounts. The Kerberos Silver Ticket is a valid Ticket Granting Service (TGS) Kerberos ticket that has been encrypted/signed by the service account configured with a Service Principal Name (SPN). How a Silver Ticket Attack Works The following is a summary of how the attack works: Extract NTLM password hash for either a service account


What is Pass the Hash?

What is Pass the Hash?

Pass the Hash is a technique that enables an attacker (typically using Mimikatz) to leverage the LanMan or NTLM hashes of a user’s password – instead of the user’s plaintext password – to authenticate to a directory or resource.