Mimikatz
Mimikatz has been one of the most popular and standby tools for password attacks for many years. I have used this so many times that I couldn’t even count how many, and I still find new ways to use it! Mimikatz is a powerful post-exploitation tool commonly used by attackers to extract plaintext passwords, NTLM hashes, Kerberos tickets, Terminal Server creds and much more!
Dumping NTLM Hashes with Mimikatz
➢ Download the latest version of Mimikatz from the tool website
➢ Deploy Mimikatz on a Windows target
➢ Run “Mimikatz.exe”
➢ Type, “privilege::debug”
➢ And then “sekurlsa::logonpasswords”
If successful you will now have the NTLM hash of the currently logged on user, and any other user who...