bootkey

sekurlsa::bootkey sets the SecureKernel Boot Key and attempts to decrypt LSA Isolated credentials. It has the following command line arguments:
/new: the new Boot key value
/raw: RAW memory search for candidate keys in cache
/flush: it flushes cache
mimikatz # sekurlsa::bootkey
​
Candidate keys in cache:
​
Current IumMkPerBoot: <none>

backupkeys

cloudap

Last modified 11mo ago