smb live secretsdump command

skelsec edited this page Apr 14, 2021 · 1 revision

What it does

Performs lsassdump, regdump and dcsync.

Remarks

Improvements needed

Requirements

  • A user context that has admin rights on the remote machine. For DCSYNC you will need getchanges/getchangesall rights as well.

Subcommands

None

Switches

  • host: Target hostname or IP
  • --json : Output results in JSON format
  • -g or --grep : Output results in greppable format
  • -k : Directory to write Kerberos tickets to, in kirbi and CCACHE format
  • --chunksize: Specifies the size of each chunk read over SMB during parsing
  • -p : Specifies which LSASS packages to parse. Default: all
  • -o or --outfile : Writes the secrets to the specified file

Examples

  • pypykatz live smb secretsdump win2019ad.test.corp: Performs secretsdump.