pass-the-ticket attack

GPTKB entity

Statements (20)
Predicate Object
gptkbp:instanceOf cyberattack technique
gptkbp:canBeBypassedBy password authentication
gptkbp:category credential theft
post-exploitation technique
gptkbp:detects security monitoring tools
gptkbp:documentedIn gptkb:MITRE_ATT&CK_framework
gptkbp:enables unauthorized access
gptkbp:exploits gptkb:Kerberos_tickets
https://www.w3.org/2000/01/rdf-schema#label pass-the-ticket attack
gptkbp:mitigatedBy multi-factor authentication
Kerberos ticket lifetime restrictions
monitoring for abnormal ticket usage
gptkbp:relatedTo gptkb:Kerberos_authentication
gptkb:pass-the-hash_attack
gptkbp:requires valid Kerberos ticket
gptkbp:target gptkb:Windows_environments
gptkbp:usedBy attackers
gptkbp:usedIn lateral movement
gptkbp:bfsParent gptkb:Kerberos
gptkbp:bfsLayer 5