Statements (21)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:cybercrime
gptkb:authentication_attack |
| gptkbp:can_compromise |
Active Directory environments
|
| gptkbp:compatibleWith |
plaintext password
|
| gptkbp:detects |
monitoring for unusual authentication activity
|
| gptkbp:enables |
lateral movement
privilege escalation |
| gptkbp:exploits |
gptkb:NTLM_authentication_protocol
hashes of passwords |
| gptkbp:firstDescribed |
1997
|
| gptkbp:mitigatedBy |
enabling credential guard
limiting administrative privileges using Kerberos authentication using strong password policies |
| gptkbp:relatedTo |
gptkb:pass-the-ticket_attack
|
| gptkbp:target |
gptkb:Windows_operating_systems
|
| gptkbp:used_in |
attackers to access network resources
|
| gptkbp:uses |
stolen password hashes
|
| gptkbp:bfsParent |
gptkb:pass-the-ticket_attack
|
| gptkbp:bfsLayer |
6
|
| https://www.w3.org/2000/01/rdf-schema#label |
pass-the-hash attack
|