In every attack we need to get the windows credentials, this super important task. We need to target "LSASS.EXE" process and dump the process memory so that we can use it for extracting credentials using Mimikatz.
Here are some of the important methods,
Using ProcDump :
1. Favorite method of dumping is using "procdump.exe". This tool is from Microsoft Pstools
2. Download ProcDump.exe and upload in on remote system
3. Command : "procdump -ma lsass.exe lsass.dmp"
Using VB Script :
Download script from here :
https://drive.google.com/open?id=1jwy40ykrdEHWB1sddZ-Q5USDX9OOPOPp
rundll32 Command :
Essentially previous method VBS script is using following command for dumping Lsass.exe process
rundll32 C:\windows\system32\comsvcs.dll, MiniDump 992 C:\Users\Public\lsass.bin full
So in case you do not have VB Script with you still you can fire-up the command and dump LSASS process.
Related articles
- Hacker Search Tools
- Beginner Hacker Tools
- Hack Tools Mac
- Hack And Tools
- Pentest Tools Free
- Hack Tools For Pc
- Hacking Tools For Kali Linux
- Hack Tools 2019
- Hacking Tools
- Pentest Tools Open Source
- Pentest Tools Linux
- Hacker Tools For Pc
- Pentest Tools List
- Pentest Tools Tcp Port Scanner
- Hacking Tools Pc
- Hacker Tools 2019
- Hacking Tools Name
- Hacker Tools Online
- Hacker Tools Free Download
- Hacker Tools 2019
- Hacker Tools Online
- Blackhat Hacker Tools
- Underground Hacker Sites
- Pentest Tools Free
- Physical Pentest Tools
- Pentest Tools Bluekeep
- Pentest Tools Download
No comments:
Post a Comment