Mimikatz is a great tool to get clear-text passwords; it extracts passwords from memory. If you want to use it, here is my previous tutorial. It is also now included in Metasploit. But now most antivirus products detect it. So now we use another method to get clear-text passwords using mimikatz alpha.
(1) It's a post-exploitation method, so first you have to get a meterpreter session using Metasploit. If you are new, then visit the Metasploit section of the blog. You also need admin access on the box; for that you can use the bypassuac module of Metasploit.
(2) First download the latest mimikatz, which contains the alpha version, from the following link.
Then download ProcDump from the following link.
(3) Now make one batch file, name it procdump.bat, and paste the following code into the batch file.
C:\windows\temp\procdump.exe -accepteula -ma lsass.exe C:\windows\temp\dump_file.dmp 2>&1
(4) Now from the meterpreter session upload procdump.bat and the downloaded procdump.exe to the C:\windows\temp folder.
(5) Now go to a shell from meterpreter, and if you are not in the temp directory, change to C:\windows\temp.
What we do here is create a scheduled task. So type the following command in the shell.
at \\192.168.1.3 20:55 C:\windows\temp\procdump.bat
So what does this batch file do? It creates a process dump file using procdump.exe.
(6) Now download dump_file.dmp from the temp folder, then remove the uploaded files from the folder & clear ev.
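From the defender's side, every step of the collection phase above leaves a trace: procdump.exe launched with lsass.exe on its command line, at.exe scheduling a script out of C:\windows\temp, a process opening lsass.exe with memory-read access, and a .dmp file landing in the temp folder. The script below is an added example, not code from the original post or from mimikatz or ProcDump; it assumes a simplified Sysmon-like key=value event format (EventID 1 process create, 10 process access, 11 file create) and uses constructed sample events and heuristic rules (the temp-folder and System32 checks are assumptions for illustration, not a vetted allowlist).

```python
import re

# Constructed sample events in a simplified Sysmon-like key=value form (assumption).
# EventID 1 = process create, 10 = process access, 11 = file create.
SAMPLE_EVENTS = [
    r'EventID=1 Image=C:\windows\temp\procdump.exe CommandLine="procdump.exe -accepteula -ma lsass.exe C:\windows\temp\dump_file.dmp" ParentImage=C:\Windows\System32\cmd.exe',
    r'EventID=1 Image=C:\Windows\System32\at.exe CommandLine="at \\192.168.1.3 20:55 C:\windows\temp\procdump.bat" ParentImage=C:\Windows\System32\cmd.exe',
    r'EventID=10 SourceImage=C:\windows\temp\procdump.exe TargetImage=C:\Windows\System32\lsass.exe GrantedAccess=0x1fffff',
    r'EventID=11 Image=C:\windows\temp\procdump.exe TargetFilename=C:\windows\temp\dump_file.dmp',
    r'EventID=1 Image=C:\Windows\System32\notepad.exe CommandLine=notepad.exe ParentImage=C:\Windows\explorer.exe',
    r'EventID=10 SourceImage=C:\Windows\System32\svchost.exe TargetImage=C:\Windows\System32\lsass.exe GrantedAccess=0x1000',
]

# key=value pairs; values may be double-quoted when they contain spaces.
_KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Access right a process needs in order to read another process's memory;
# a full dump of lsass cannot be taken without it.
PROCESS_VM_READ = 0x0010


def parse_event(line):
    """Parse one key=value record into a dict."""
    return {key: (quoted or bare) for key, quoted, bare in _KV.findall(line)}


def _base(path):
    """File name component of a Windows path, lower-cased."""
    return path.rsplit("\\", 1)[-1].lower()


def _in_temp(path):
    """Heuristic (assumption): anything under a \\temp\\ directory is staged, not installed."""
    return "\\temp\\" in path.lower()


def check_event(ev):
    """Return a finding dict for one parsed event, or None if it looks benign."""
    eid = ev.get("EventID")
    image = ev.get("Image", "")
    cmd = ev.get("CommandLine", "")
    if eid == "1":
        # ProcDump (or any tool) naming lsass on its command line with a full-dump flag.
        if "lsass" in cmd.lower() and ("-ma" in cmd.lower() or "procdump" in _base(image)):
            return {"rule": "procdump_lsass_cmdline", "detail": cmd}
        # at.exe scheduling a script that lives in a temp folder, as in the tutorial.
        if _base(image) == "at.exe" and _in_temp(cmd):
            return {"rule": "at_task_from_temp", "detail": cmd}
    elif eid == "10":
        # A non-System32 process opening lsass with memory-read rights.
        source = ev.get("SourceImage", "")
        if _base(ev.get("TargetImage", "")) == "lsass.exe":
            access = int(ev.get("GrantedAccess", "0"), 16)
            if access & PROCESS_VM_READ and not source.lower().startswith("c:\\windows\\system32\\"):
                return {"rule": "lsass_memory_read", "detail": source}
    elif eid == "11":
        # A minidump file being written into a temp folder.
        target = ev.get("TargetFilename", "")
        if target.lower().endswith(".dmp") and _in_temp(target):
            return {"rule": "dump_file_in_temp", "detail": target}
    return None


def detect(lines):
    """Run every rule over every event line and collect the findings in order."""
    findings = []
    for line in lines:
        finding = check_event(parse_event(line))
        if finding:
            findings.append(finding)
    return findings


def chain_detected(findings):
    """True when both an lsass access and a dump artefact are present: the full chain."""
    rules = {f["rule"] for f in findings}
    return "lsass_memory_read" in rules and (
        "dump_file_in_temp" in rules or "procdump_lsass_cmdline" in rules
    )


if __name__ == "__main__":
    hits = detect(SAMPLE_EVENTS)
    for hit in hits:
        print(f"[{hit['rule']}] {hit['detail']}")
    print("lsass dump chain detected:", chain_detected(hits))
```

Each rule alone produces noise (legitimate debuggers read lsass memory, admins schedule tasks), which is why chain_detected only raises the alert once an lsass access is paired with a dump artefact or a procdump command line; in a real pipeline you would also key the correlation on the host and a time window.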
We have the process dump file, so we can extract passwords from it using minidump. The only requirement is that we must run mimikatz on the same OS version & architecture as the machine from which we pulled the dump.
(7) Go to the alpha folder, then to the subfolder matching your victim's OS, and put dump_file.dmp in that folder.
(8) Open mimikatz.exe from cmd, which is in the folder alpha/win32, & type the following command.
(9) It's the final step: type this command in cmd.
The disadvantage of this process is the size of the dump file. In my case it's 25 MB, but it depends on the running processes.
Now you have all the victim's credentials in clear text. If you face any difficulty you can mention it in the comments.