A penetration tester has successfully gained a foothold on a Windows Server system and now has a low-privilege shell. The primary objective is to move laterally. To achieve this, the tester needs to acquire credentials from the compromised host. Which of the following tools is specifically designed to extract plaintext passwords, hashes, and authentication tokens directly from the memory of the Local Security Authority Subsystem Service (LSASS)?
Mimikatz is a post-exploitation tool specifically designed to extract sensitive credentials, including plaintext passwords, hashes, and authentication tokens, directly from the memory of the LSASS process on Windows systems. Netcat is a versatile networking utility used for tasks like creating reverse shells or transferring files, but it does not have built-in functionality to dump credentials from memory. Proxychains is a tool used to route the traffic of other applications through a series of proxies to conceal the source or pivot into other networks. MSBuild is the Microsoft Build Engine, a legitimate developer tool often abused as a LOLBin to compile and execute code, but it is not a credential dumping tool.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are system tokens in Windows?
Open an interactive chat with Bash
How does Mimikatz extract system tokens?
Open an interactive chat with Bash
Why doesn’t Netcat, Proxychains, or msbuild perform this function?