pass-the-hash attack

GPTKB entity

Statements (21)
Predicate Object
gptkbp:instanceOf cybercrime
authentication attack
gptkbp:can_compromise Active Directory environments
gptkbp:compatibleWith plaintext password
gptkbp:detects monitoring for unusual authentication activity
gptkbp:enables lateral movement
privilege escalation
gptkbp:exploits gptkb:NTLM_authentication_protocol
hashes of passwords
gptkbp:firstDescribed 1997
https://www.w3.org/2000/01/rdf-schema#label pass-the-hash attack
gptkbp:mitigatedBy enabling credential guard
limiting administrative privileges
using Kerberos authentication
using strong password policies
gptkbp:relatedTo gptkb:pass-the-ticket_attack
gptkbp:target gptkb:Windows_operating_systems
gptkbp:used_in attackers to access network resources
gptkbp:uses stolen password hashes
gptkbp:bfsParent gptkb:pass-the-ticket_attack
gptkbp:bfsLayer 6