Mimikatz – Multi-tool to play with Windows security
Mimikatz tool have been presented in international conferences such as blackhat and DefCon. This tool is designed to work with credentials on windows operating system. Mimikatz allows to extract passwords in plaintext, hash, PIN code or Kerberos tickets from the memory.
Any windows operating system include the local security authority that deal with the local security policy and authentication services. He process is loaded during the system boot and when user sign on the system he will have access according to his profile to files and application without making one more authentication using the SSO and credential stored in memory.
Here the system may store the password in plaintext or hashed and using Mimikatz an attacker will be able to have the password of the system. This tool can also be used on the Active directory which will allow a pentester find every users credentials.
Some of the functionality:
- Dump credentials from LSASS
- Generate Kerberos Golden Tickets
- Generate Kerberos Silver Tickets
- Export certificates and keys
- Basic GPO bypass