Password attacks

I’m going through the Credential Hunting in Windows module, I have answers to the first 3 questions, but I don’t understand where to find the default password for each newly created account (question 4).
I have three files (sam, security, system), but I can’t see them; the command

python3 /usr/share/doc/python3-impacket/examples/secretsdump.py -sam sam.save -security security.save -system system.save LOCAL

does not work. Do I need them at all?
I would appreciate any hints, thanks.
And sorry for my English.

Just working on that :slight_smile: the second one which is the default password for every newly created inlanefreight domain user can be found with the findstr tool… you have to look for scripts as mentioned in the hint :)… start findstr as admin and from C:

1 Like

ty for hint, rl helped me

Hello, can somebody help me with the fifth question on Credential Hunting in Windows? I’m stuck and need help. The question is: “What are the credentials required to access the Edge-Router?” Thank you !! :slightly_smiling_face:

Were you able to figure this out?

The hint tells me that it has something to do with “ansible”, and then I used the findstr command. There is a txt file containing the word “ansible”. It points to a script file. The final answer is in the script file.

2 Likes

I have found the files, but when I search for “password”, “edge”, “username” I don’t see the answer. Only references to the OpenOffice files located on the Desktop.

Help please, I did everything in this post, including findstr with “ansible” for Q5 and Q4 (“script”, “automation”, “interesting”, “inlanefreight”), but could not find any related results.

Hello guys, I have a question and I feel confused!

In the question

Using David's hash, perform a Pass the Hash attack to connect to the shared folder \\DC01\david and read the file david.txt.

I dumped the hash and got the NTLM hash of david. I even set the registry value DisableRestrictedAdmin to 0 to access through RDP with his hash, and that worked.

I found myself as inlanefreight\david

When I tried to access the share with dir \\DC01\david, it tells me:

PS C:\> whoami
inlanefreight\david
PS C:\> dir \\DC01\david
dir : Access is denied
At line:1 char:1
+ dir \\DC01\david

I was perplexed. The problem is that when I run net share I don’t see that share listed (with the Administrator or with David’s account), but it still indicates that I don’t have permission to access it.

On a guess, I tried Pass the Hash with mimikatz from the Administrator account, impersonating david to run cmd as him, using:

mimikatz.exe privilege::debug "sekurlsa::pth /user:David /rc4:c39f2beb3d2ec06a62cb887fb391dee0 /domain:inlanefreight.htb /run:cmd.exe" exit

I was dropped into another shell, and when I run whoami from it I find myself still as

C:\Windows\system32>whoami
ms01\administrator

but when I execute dir on that share I get access to it!!

I didn’t understand what happened and how I was able to access the share.

@help