Academy : WINDOWS PRIVILEGE ESCALATION : Further Credential Theft

Hi I have got the password (which is hashed?) of sa user in .xml inside dbvis folder.
However, I tried hashid it said it is DNSSEC(NSEC3) hash, which is highly skeptical.
Can someone pls push me to the right direction?
Thank you.

I think you have the wrong hash.
Use a tool to find the password. With it you get the password in cleartext

1 Like

Thanks man, I find it pretty stange cause file in .xml is encrypted with strange pattern. at first, it thought it was base64 or sth similar.