mirror of
https://github.com/tldr-pages/tldr.git
synced 2025-08-15 11:15:48 +02:00
37 lines
895 B
Markdown
37 lines
895 B
Markdown
# mimikatz
|
|
|
|
> Interact with Windows credentials, perform credential dumping, token manipulation, and more.
|
|
> Requires administrator privileges and typically runs on Windows.
|
|
> More information: <https://github.com/gentilkiwi/mimikatz>.
|
|
|
|
- Run mimikatz in interactive mode:
|
|
|
|
`mimikatz`
|
|
|
|
- Enable debug privileges (needed for most operations):
|
|
|
|
`mimikatz "privilege::debug"`
|
|
|
|
- List available logon sessions:
|
|
|
|
`mimikatz "sekurlsa::logonpasswords"`
|
|
|
|
- Dump plaintext passwords, NTLM hashes, and Kerberos tickets from memory:
|
|
|
|
`mimikatz "sekurlsa::logonpasswords"`
|
|
|
|
- Pass-the-Hash with a specific NTLM hash and launch a command:
|
|
|
|
`mimikatz "sekurlsa::pth /user:{{username}} /domain:{{domain}} /ntlm:{{hash}} /run:{{cmd}}"`
|
|
|
|
- Dump local SAM database hashes:
|
|
|
|
`mimikatz "lsadump::sam"`
|
|
|
|
- Extract Kerberos tickets and export to a file:
|
|
|
|
`mimikatz "kerberos::list /export"`
|
|
|
|
- Exit mimikatz:
|
|
|
|
`exit`
|