Nosferatu - Lsass NTLM Authentication Backdoor

Lsass NTLM

Limitations

In an Active Directory environment, authentication via RDP, runas, or the lock screen does not work with the nosferatu password. Authentication using SMB, WinRM, and WMI is still possible.

In a non-AD environment, authentication works for all aspects.

Download Nosferatu

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Nosferatu – Lsass NTLM Authentication Backdoor

Original Source

HackerOne Bug Bounty Disclosure: unsubscribe-anyone-from-all-emails-abfe

HackerOne Bug Bounty Disclosure: information-exposure-due-to-enabled-debug-mode-thpless

HackerOne Bug Bounty Disclosure: reflected-html-injection-via-contact-faq-search-parameter-on-the-white-evil

HackerOne Bug Bounty Disclosure: reflected-html-injection-via-contact-faq-search-parameter-on-the-white-evil

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

Original Source

You may have missed

HackerOne Bug Bounty Disclosure: unsubscribe-anyone-from-all-emails-abfe

HackerOne Bug Bounty Disclosure: information-exposure-due-to-enabled-debug-mode-thpless

HackerOne Bug Bounty Disclosure: reflected-html-injection-via-contact-faq-search-parameter-on-the-white-evil

HackerOne Bug Bounty Disclosure: reflected-html-injection-via-contact-faq-search-parameter-on-the-white-evil

CISA: CISA Adds One Known Exploited Vulnerability to Catalog