Internal Infrastructure Pentest - Skeleton Key Attack

less than 1 minute read

Skeleton Key Attack: This attack is very tricky. It makes the secondary password for the same user. Many malware takes advantage of this attack to create persistence in a network. Both passwords works for the Domain Users.
Things Needed:
- Domain Admin rights
- Mimikatz
- Control of every domain controller in a network
Mimikatz Commands:
- privilege::debug
- misc::skeleton

Share on

Twitter Facebook LinkedIn

You may also enjoy

Destroying Cloud Infrastructure with Nuking Tools

4 minute read

Cloud computing has become the backbone of countless businesses, ensuring the security of cloud infrastructure is of utmost importance. Misconfigurations, un...

Installing Kali in AWS EC2 Instance

less than 1 minute read

sudo passwd kali sudo apt-get update sudo apt-get install xrdp lxde-core lxde tigervnc-standalone-server -y cd / sudo sed -i ‘s/allowed_users=.*/a...

Brace Yourself: Cyber Attacks on Australian Businesses Set to Skyrocket

2 minute read

Brace Yourself: Cyber Attacks on Australian Businesses Set to Skyrocket

The Power of In-Memory Executions: How to Execute Code without Touching Disk

6 minute read

In-memory execution is a technique used by malware developers to evade detection by traditional antivirus solutions. Instead of writing their malicious code ...