The IT Law Wiki

Pass-the-ticket attack

32,085pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

A pass-the-ticket attack

enables an attacker to authenticate to a Windows server using the Kerberos "ticket granting ticket" of a user recently logged into the domain. After previously compromising and gaining privileged access to a computer logged into the domain, the attacker extracts the Kerberos ticket granting ticket and uses it to access all servers the victim is authorized to access.[1]

References Edit

  1. VIDDER, "Pass-the-Ticket Attacks" (full-text).

Also on Fandom

Random Wiki