MSF's Mimikatz doesnt work on Windows 8.1 what can you do?

So you are on a Windows 8.1 box. You go to run the trusty mimikatz-->wdigest and it fails.

Well technically it will work but there wont be anything there


Using the current mimikatz that ships with metasploit (as of 1/16/2015) will not return anything. This is because 8.1 doesn't keep passwords in memory any more.

However, you should still be able to get hashes and kerberos tickets

The current standalone version of mimikatz will do this

https://github.com/gentilkiwi/mimikatz/releases/

and using the

mimikatz # sekurlsa::logonpasswords

https://github.com/gentilkiwi/mimikatz/wiki/module-~-sekurlsa



Dumping kerberos tickets should also work

mimikatz # sekurlsa::tickets /export

relevant to the above
https://github.com/gentilkiwi/mimikatz/wiki/module-~-kerberos#ptt
https://github.com/gentilkiwi/mimikatz/wiki/module-~-kerberos#golden

minidump should also work

http://blog.gentilkiwi.com/securite/mimikatz/minidump
http://carnal0wnage.attackresearch.com/2013/07/mimikatz-minidump-and-mimikatz-via-bat.html

Curious what works with different versions of Windows?

https://onedrive.live.com/view.aspx?resid=A352EBC5934F0254!2074&cid=a352ebc5934f0254&app=Excel

Other references

Mimikatz info dump:
http://adsecurity.org/?p=556

pass the ticket and golden ticket info:
http://www.glasspaper.no/Documents/UsefulHackingSeries_Episode2.pdf 

Mimikatz talk by gentilkiwi
http://www.nosuchcon.org/talks/2014/D2_02_Benjamin_Delpy_Mimikatz.pdf
https://2014.rmll.info/slides/80/day_3-1010-Benjamin_Delpy-Mimikatz_a_short_journey_inside_the_memory_of_the_Windows_Security_service.pdf

Golden Ticket tutorial
http://blog.cobaltstrike.com/2014/05/14/meterpreter-kiwi-extension-golden-ticket-howto/

https://www.christophertruncer.com/golden-ticket-generation/