aryma/Ares-mythic
1
0
Fork 0
mirror of https://github.com/Aryma-f4/Ares-mythic.git synced 2026-06-12 20:24:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b88b3a218456c39e6473c906213df5b3d2b565c1
Ares-mythic/documentation-payload/ares/commands/ticket_cache_list.md
Aryma 03d283cf49 refactor(payload): rename apollo to ares and update documentation 
This commit renames the Apollo payload type to Ares, moving all associated files and updating documentation accordingly. The change includes:
- Renaming directories from `apollo` to `ares`
- Updating documentation image references
- Maintaining the same code functionality while changing the payload name
- Adding new Ares-specific documentation files
- Removing old Apollo documentation files

The rename is done to reflect the new payload name while preserving all existing functionality.
2026-04-14 14:02:44 +07:00

695 B
Raw Blame History

+++ title = "ticket_cache_list" chapter = false weight = 103 hidden = false +++

{{% notice info %}} Artifacts Generated: WindowsAPIInvoke {{% /notice %}}

Summary

list information about all loaded tickets in the current active logon session. This uses lsa apis to return all relevant information about the tickets in the current session. If ran from an elevated context this also gets information on tickets in all sessions.

Arguments

luid

Optional argument to filter the tickets in the agents store to ones matching a specified luid.

Usage

ticket_cache_list -luid [luidValue]

Example

ticket_cache_list -luid [luidValue]

MITRE ATT&CK Mapping

  • T1550
Reference in New Issue View Git Blame Copy Permalink