CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/post/windows/gather/lsa_secrets.md
Views: 1904
Vulnerable Application
This module will attempt to enumerate the LSA Secrets keys within the registry. The registry value used is: HKEY_LOCAL_MACHINE\\Security\\Policy\\Secrets\\
.
Verification Steps
Start msfconsole
Get a shell on a Windows computer, with
SYSTEM
privs.Do:
use post/windows/gather/lsa_secrets
Do:
set session #
Do:
run
You should get LSA Secrets.
Options
STORE
If the decrypted values should be stored in the database. This is a tradeoff since there is no way to tell if a decrypted value is a legitimate password, thus you may fill your database with bad values. Default is true
.
Scenarios
Windows 10
The DefaultPassword
in this case is legitimate.