当前位置:网站首页>[Red Team] ATT&CK - Self-starting - Self-starting mechanism using LSA authentication package

[Red Team] ATT&CK - Self-starting - Self-starting mechanism using LSA authentication package

2022-08-10 03:31:00 Thousands of miles :)

Technical Notes

An attacker could abuse the authentication package to execute DLLs at system startup.The Windows Authentication Pack DLL is loaded by the Local Security Authority (LSA) process at system startup.They provide support for the operating system's multiple login processes and multiple security protocols.

https://docs.microsoft.com/en-us/windows/win32/secauthn/lsa-authentication?redirectedfrom=MSDNicon-default.png?t=M666https://docs.microsoft.com/en-us/windows/win32/secauthn/lsa-authentication?redirectedfrom=MSDN<

原网站

版权声明
本文为[Thousands of miles :)]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/222/202208100202553469.html

边栏推荐

猜你喜欢

随机推荐