Post Exploitation

LinikatzV2 – Unveiling UNIX Secrets in Active Directory Environments

LinikatzV2 is a bash script based on the Linikatz tool developed by time-machine (link). It allows post-exploitation tasks on UNIX computers joined to Active Directory, using various methods for credential mining.

This tool needs root privileges to be run on the host system.

It allows extraction of :

  • Hashed stored in files for offline connection (SHA-512 format)
  • Kerberos tickets (user & machine)
  • Clear passwords in RAM
  • NTLM machine hash
  • AES-128 & AES-256 machine keys

Optional :

  • Configuration files (SSSD, VAS, etc)

Some of these actions may not produce results. Typically, the presence of hashes and clears in RAM depends on a user’s connection to the UNIX system.

Usage

$ sudo ./linikatzV2.sh

Various options are available :

  • -c | –conf-files : Dumps configuration files.
  • –hash-output=file.txt : Allows you to choose the name of the output file containing the hashes.
  • -n | -no-file : Removes the process dump files, etc.
  • -k | –kerberos-tickets : Create a copy of the Kerberos tickets found.
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Command-Line Techniques for Listing Linux Users

Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…

3 hours ago

Exploring User Management in Linux Systems

User management is a critical aspect of Linux administration. Each user in a Linux system…

4 hours ago

How to List Users in Linux

Managing users is an essential part of Linux system administration. Knowing how to list all…

4 hours ago

Nmap cheat sheet for beginners

Nmap (Network Mapper) is a free tool that helps you find devices on a network,…

2 days ago

Understanding the Model Context Protocol (MCP) and How It Works

Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…

1 week ago

The file Command – Quickly Identify File Contents in Linux

While file extensions in Linux are optional and often misleading, the file command helps decode what a…

1 week ago