Linux command
impacket-secretsdump command
Files
After copying, replace the file names, directories, or parameters as needed.
Common examples
Dump secrets from domain controller
impacket-secretsdump [domain]/[user]:[password]@[target]
Dump using NTLM hash
impacket-secretsdump -hashes :[hash] [domain]/[user]@[target]
Dump from local SAM file
impacket-secretsdump -sam [SAM] -system [SYSTEM] LOCAL
Dump NTDS.dit
impacket-secretsdump -ntds [ntds.dit] -system [SYSTEM] LOCAL
Just DCSync (no registry)
impacket-secretsdump -just-dc [domain]/[user]:[password]@[dc]
Description
impacket-secretsdump extracts credentials from Windows systems via SAM, LSA secrets, cached credentials, and NTDS.dit. Part of the Impacket toolkit. Supports DCSync for domain controllers. For authorized penetration testing and security assessments only.
Parameters
- -hashes _lm:nt_: Use NTLM hashes.
- -sam _file_: Local SAM file.
- -system _file_: Local SYSTEM hive.
- -ntds _file_: NTDS.dit file.
- -just-dc: Extract only NTDS.dit data via DCSync.
- -just-dc-ntlm: Extract only NTLM hashes.
- -k: Use Kerberos authentication.
FAQ
What is the impacket-secretsdump command used for?
impacket-secretsdump extracts credentials from Windows systems via SAM, LSA secrets, cached credentials, and NTDS.dit. Part of the Impacket toolkit. Supports DCSync for domain controllers. For authorized penetration testing and security assessments only.
How do I run a basic impacket-secretsdump example?
Run `impacket-secretsdump [domain]/[user]:[password]@[target]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -hashes _lm:nt_ do in impacket-secretsdump?
Use NTLM hashes.