Browsed by
Tag: mimilsa-log-file

Stealing Credentials with a Security Support Provider (SSP)

Stealing Credentials with a Security Support Provider (SSP)

Introduction: SSP Attacks Mimikatz provides attackers several different ways to store credentials from memory and extract them from Active Directory. One of the more interesting tools provided is the MemSSP command, which will register a Security Support Provider (SSP) on a Windows host. Once registered, this SSP will log all passwords in clear text for any users who log on locally to that system. In this post, we will explore this attack and how it can be used by attackers…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.