Nosferatu – Lsass NTLM Authentication Backdoor

Lsass NTLM

 

Login example using Impacket:

Limitations

In an Active Directory environment, authentication via RDP, runas, or the lock screen does not work with the nosferatu password. Authentication using SMB, WinRM, and WMI is still possible.

In a non-AD environment, authentication works for all aspects.

Download Nosferatu

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source