Contact us: info@akimbocore.com

Extracting Domain Hashes: VSSAdmin

Published: 19 October 2020    Last Updated: 03 July 2023

We covered extracting domain hashes with Mimikatz previously, but that's not always the best approach - for example where anti-virus is getting in the way. However there are other options for the same goal. This time around we'll take a look at using VSSAdmin, a built-in Windows tool. VSSAdmin is the Volume Shadow Copy Administrative command-line tool and it can be used to take a copy of the NTDS.dit file - the file that contains the active directory domain hashes.


Continue Reading

Categories

Fixing

Guidance on remediating vulnerabilities.

Infrastructure

Articles concentrating on network and operating system level attacks.

Web Application

Articles covering attacks against web applications and their associated APIS.

Breaches

Articles concentrating on past data breaches, looking for lessons learned.

Wireless

Articles covering breaking into wireless networks and how to keep them safe.

Building

Articles about building secure systems.

Cheat Sheets

Cheat sheets containing common commands or payloads for common vulnerabilities.

Copyright © 2021 Akimbo Core Ltd

Company Number: 13143302

Build: 6-11