Any actions and or activities related to the material contained within this blog is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.
This script is published for educational use only. I am no way responsible for any misuse of the information.
This article is related to Computer Security and I am not promote hacking / cracking / software piracy.
This article is not a GUIDE of Hacking. It is only provide information about the legal ways of retrieving the passwords. You shall not misuse the information to gain unauthorised access. However you may try out these hacks on your own computer at your own risk. Performing hack attempts (without permission) on computers that you do not own is illegal.
I looked at the work of Benjamin DELPY about his tools mimikatz.
I wanted to be able to check if it was possible to do the decryption passwords with PowerShell.
The goal was to do it with PowerShell and without any call to .dlls systems to decrypt the passwords.
What the script can do (get windows password in memory)
The script doesn't work with system .dlls to decrypt data. All the decryptions are made in the script.
The script can reveal any password from 2003 to 2012 (tested on Windows 2003, 2008R2, 2012, Windows 7 and Windows 8).
It can reveal local passwords, it can reveal passwords from a dump you took or it can reveal passwords from a remote host.
The script is a proof of concept of how retrieve Windows credentials with Powershell and CDB Command-Line Options (Windows Debuggers).
It works even if you run it on another architecture than the system targeted.
My main purpose is to prevent this type of attack against your network. To avoid these attacks, you need to understand how important it is to segregate rights you give to people but also to SysAdmin and anyone who works on your network.
You cannot give a right before being sure it is not a breach opened on your network.
Don't give too much (administrator, debug) rights to your user.
Audit, audit, audit.
Technology
PowerShell and CDB Command-Line Options (Windows Debuggers)
Features
Retrieve login and password in memory locally and remotely
Triple DES decryption
AES decryption
DES-X decryption
The demo
The code is quick and dirty for the POC.
\
\ /\ Follow the white Rabbit :-)
( ) pabraeken@gmail.com
.( @ ).
Powershell - Reveal Windows Memory Credentials : https://github.com/giMini/RWMC
Thanks to Benjamin Delpy for his work with mimikatz and Francesco Picasso for his work on DES-X.
Bonjour,
RépondreSupprimerQUels sont les pré-requis sur un poste pour tester ce script?
Bonjour,
RépondreSupprimerPour tester le script, il faut :
* PowerShell 3.0
* Autoriser PowerShell sur votre machine : Set-ExecutionPolicy Unrestricted -force
* Une connexion Internet.
Le script a été testé depuis Windows 7 et Windows 8 pour retrouver des mots de passe provenant de Windows server 2003,2008R2,2012, Windows 7 et 8
To run effectively this script you need :
* PowerShell 3
* Allow PowerShell script on you machine, example : Set-ExecutionPolicy Unrestricted -force
* An Internet connection
The script was tested on a 7 and on a 8 machine to retrieve password from Windows Server 2003,2008R2,2012,7 and 8.
good job colleague!
RépondreSupprimerACTIVE & FRESH CC FULLZ WITH BALANCE
RépondreSupprimerPrice $5 per each CC
DETAILS
=>CARD TYPE
=>FIRST NAME & LAST NAME
=>CC NUMBER
=>EXPIRY DATE
=>CVV
=>FULL ADDRESS (ZIP CODE, CITY/TOWN, STATE)
=>PHONE NUMBER,DOB,SSN
=>MOTHER'S MAIDEN NAME
=>VERIFIED BY VISA
=>CVV2
*Time wasters & cheap questioners please stay away
*You can buy for your specific states too
*Payment in advance
Contact Us:
-->Whatsapp > +923172721122
-->Email > leads.sellers1212@gmail.com
-->Telegram > @leadsupplier
-->ICQ > 752822040
US FRESH, TESTED & VERIFIED SSN LEADS
$1 PER EACH
(INFO)
First Name | Last Name | SSN | Dob | Address | State | City | Zip | Phone Number | Account Number | Bank Name | DL Number |
Home Owner | IP Address | MMN | Income
*Hope for the long term deal
*If anyone need leads In bulk, I'll definitely negotiate
US DUMP TRACK 1 & 2 WITH PIN CODES ALSO AVAILABLE