scauth 🛠️

Work in progress

crypto::scauth it creates a authentication certificate (smartcard like) from a CA. It has the following command line arguments:

  • /hw: at the time of writing, 17th December 2021, we don't know what this option is used for

  • /csp: the crypto certificate provider

  • /pin: the smartcard PIN

  • /nostore: do not interact with the store

  • /caname: the subject name of the certificate authority (needed to sign the certificate)

  • /castore: the system store that contains the certificate authority (default: CERT_SYSTEM_STORE_LOCAL_MACHINE)

  • /upn: the User Principal Name (UPN) targeted (eg: user@lab.local)

  • /pfx: the filename for saving the final certificate (default: no file, stored in CERT_SYSTEM_STORE_CURRENT_USER)

mimikatz # crypto::scauth /caname:KiwiAC /upn:user@lab.local /pfx:user.pfx
CA store       : LOCAL_MACHINE
CA name        : KiwiAC
CA validity    : 22/08/2016 22:00:36 -> 22/08/2021 22:10:35
Certificate UPN: user@lab.local
Key container  : {a1bd29ec-4203-4aac-8159-40f28f96335b}
Key provider   : Microsoft Enhanced Cryptographic Provider v1.0
Private Export : user.pfx - OK
PreviousscNextstores

Last updated