vendredi 31 juillet 2015

How to reveal Windows 10 password ?

Disclaimer
Any actions and or activities related to the material contained within this blog is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.
This script is published for educational use only. I am no way responsible for any misuse of the information.
This article is related to Computer Security and I am not promote hacking / cracking / software piracy.
This article is not a GUIDE of Hacking. It is only provide information about the legal ways of retrieving the passwords. You shall not misuse the information to gain unauthorised access. However you may try out these hacks on your own computer at your own risk. Performing hack attempts (without permission) on computers that you do not own is illegal.

Reveal the password of Windows 10 Home edition and PRO edition and Windows 10 Enterprise edition

If you read my previous entry on "How to reveal Windows password ?", you are aware that my tool can reveal local or domain password regardless of the difference in architecture of the machine targeted.

I just try my RWMC tool on a fresh install of Windows 10 Home edition and Windows 10 PRO edition and Windows 10 Enterprise edition, it works like a charm ;-)

1) First, add this registry key UseLogonCredential (DWORD to set to 1) in HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest and then reboot **The script does the job now**

2) You can use the 2r2 mode to reveal password from the Windows memory as you can do it on a Windows 2012R2 **Just enter "local" and the script does the job**


The result



Enjoy !

3 commentaires:

  1. Excellent script but, It is not working on new build of Win10 64bits (1511) version 10.0.10586 i tried it on 2 laptops one run first time and then next times open and closed the new windows after chosing "1) Reveal memory passwords"

    and all logs show this:

    ================================================================================================
    [White-Rabbit.ps1] version [0.4] started at 03/09/2016 12:49:58
    ================================================================================================

    --- Script terminating ---

    ================================================================================================
    Script ended at 03/09/2016 12:49:58
    ================================================================================================

    and on the other one gives the user names but paswords are blank.

    also tried to load lsass.DMP on another PC with win 7 but stayes on "Creating msdsc log
    Running..."

    forever.

    RépondreSupprimer
  2. Yep, I just tried to use it as well and all the passwords that came back were blank, I even tried to procdump the lsass process and use that with it, same thing. Plllllease fix this as I need to get in and change this password immediately. The owner passed away and I have to get in.

    RépondreSupprimer
  3. About Reveal the password of Windows 10 problem
    Hi sir
    I download the PowerMemory-master tools and I try run on the windows 10 pro version.
    And my run step is:
    1) Set-ExecutionPolicy RemoteSigned
    2) Set-ExecutionPolicy Unrestricted –force
    3)show “what do you want assess?” that I choice 1)Revealmemory passwords
    4)show “Do you want use Active Directory cmdlets?” that I choice 1)Yes
    5)show “local computer, remote computer or from a dump file?” that I choice 1) Local
    6)show “do you want to exfiltrate the data(pastebin)?” that I choice 1)Yes
    7)show”Please, enter your developer key:” that I type in 111 (I don’t know what I should key in)
    8)show “do youwant to clear event log on this local computer?” that I choice 2)No
    And it’s running and show “log txt file”.
    But the password is blank which not show.
    Execue me , can you tell me what step I do wrong?

    RépondreSupprimer