Custom SSP
Custom SSP
Security Support Provider (SSP) is a DLL which provides ways for application to obtain an authenticated connection. For example: NTLM, Kerberos, Wdigest, CredSSP.
Mimikatz provides a custom SSP - mimilib.dll. This SSP logs local logons, service account and machine account passwords in clear text on the target server.
We can either:
Drop the mimilib.dll to system32 and add mimilib to
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security
OR:
Using Mimikatz, inject into LSASS
Last updated