8.6 - Custom SSP
Custom SSP
A Security Support Provider (SSP) is a DLL that allows applications to establish authenticated connections. Common Microsoft SSPs include:
NTLM
Kerberos
Wdigest
CredSSP
Mimikatz provides a custom SSP (
mimilib.dll
) that logs plaintext credentials (including local, service, and machine accounts) on the targeted machine.
Installation Methods:
1. Registry Injection Method (Persistent):
Drop the mimilib.dll
into C:\Windows\System32\
and register it via the Registry:
2. In-Memory Injection (Less Stable, especially on Server 2019/2022):
All captured credentials will be logged in:
Last updated