-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Skeleton Key on "MSV" SSP #449
Comments
To force Kerberos authentication, add |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello!
i'm studying the Skeleton Key Attack, in the original paper (https://www.virusbulletin.com/uploads/pdf/magazine/2016/vb201601-skeleton-key.pdf) they described that this attack is able to modify both SSP "MSV" (NTLM Authentication) & "kerberos.dll" (Kerberos Authentication) installing a backdoor inside these protocols.
But in my test with "misc::skeleton" it appears that Mimikatz modifies only the SSP "Kerberos.dll", i tried with:
net use (wireshark says it use Kerberos) and it works
psexec of sysinternal (wireshark says it use Kerberos) and it works
Enter-PSSession (wireshark says it use Kerberos) and it works
Can you please tell me if I'm wrong?
On my Kali using "psexec" of Impacket (or also crackmapexec) (wireshark says it use NTLM) and it NOT works as you can see in the screenshot.
The text was updated successfully, but these errors were encountered: