Browsed by
Tag: Lateral Movement

Pass-the-Hash

Pass-the-Hash

Pass the Hash is a technique that enables an attacker (typically using Mimikatz) to leverage the LanMan or NTLM hashes of a user’s password – instead of the user’s plaintext password – to authenticate to a directory or resource.


Pass-the-Ticket

Pass-the-Ticket

Pass-the-ticket is a credential theft technique that enables adversaries to use stolen Kerberos tickets to authenticate to resources (e.g. file shares and other computers) as a user without compromising that user’s password. This technique is often used by adversaries to move laterally through an organization’s network while hunting for opportunities to escalate privileges or fulfill their mission. Both ticket-granting service (TGS) tickets and ticket-granting tickets (TGT) can be stolen and reused by adversaries. Without administrative privileges, an adversary can obtain the TGT (using “fake delegation”) and all