Can someone please help me with “Using the techniques in this section, find the cleartext password for an account on the target host.”?
Hey there!
A hint: enumerate the box with Powershell cmdlets, following the section’s examples.
Check for the local user descriptions
Hi, I finally found the answer with a Powershell command get-something, no need to be admin to run it.
Didn’t we talk about " Sticky Notes" !
WinPeas → and check the results
+1
They say better late than never.
So, after enumerating C:\Users\<user>\AppData\Local\Packages\
I could not identify a single folder pertaining to sticky notes. Unlike the course’s example, there is no folder containg the keyword Sticky or Note in it. The bottom line is that I could not do that programmatically. However, if you open the sticky notes via the GUI (since you have a RDP session ON), you can see the password written in plaintext right there.