Credential Theft Windows 10

SaSkiller Member Posts: 337 ■■■□□□□□□□
Anyone know what Windows 10's attack surface is from credential theft vulnerabilities even with Credential Guard in place? I can't imagine this is the silver bullet that MS says it is. Has anyone done any testing or seen any vulnerabilities specific to WX?
OSWP, GPEN, GWAPT, GCIH, CPT, CCENT, CompTIA Trio.

Comments

  • gespenstern Member Posts: 1,243 ■■■■■■■■□□
    If you have 10 just download and run mimikatz and wce and see what they are able to recover. All other tools relying on similar techniques or incorporating mimikatz functionality such as PowerSploit or Metasploit won't show anything if these two won't work.

    In addition to grabbing NT hashes, Kerberos tickets and plain-text passwords from lsass.exe try to use these tools to get the passwords from lsass.exe memory ****, full memory ****, hiberfil.sys.
  • fmitawaps Banned Posts: 261
    All my computers are on Windows 7, and they are staying that way. I don't need 10, and with all the information that 10 steals and reports to Microsoft, I don't need it even more.
  • gespenstern Member Posts: 1,243 ■■■■■■■■□□
    fmitawaps wrote: »
    All my computers are on Windows 7, and they are staying that way. I don't need 10, and with all the information that 10 steals and reports to Microsoft, I don't need it even more.

    I've read that MS gets a little back by promising to introduce controls for enterprise to disable this feature. Also, it existed for decades in the form of Windows Error Reporting and other telemetry tech; many other companies do that, such as anti-virus vendors, etc. Besides, you can disable it using various tricks or by downloading and installing 3rd party software if you are lazy.

    Also, I suppose you aren't writing this post from your Chrome browser or Android phone, cause Google owns everything by default, are you?
  • SaSkiller Member Posts: 337 ■■■□□□□□□□
    If you have 10 just download and run mimikatz and wce and see what they are able to recover. All other tools relying on similar techniques or incorporating mimikatz functionality such as PowerSploit or Metasploit won't show anything if these two won't work.

    In addition to grabbing NT hashes, Kerberos tickets and plain-text passwords from lsass.exe try to use these tools to get the passwords from lsass.exe memory ****, full memory ****, hiberfil.sys.

    I'm not doing it, I have no experience with it and I certainly don't have a copy of W10 Enterprise properly configured. I figured someone has to have tested this by now. Saw a YT video on one, but it was Pro. Supposedly this is only on Enterprise.
    OSWP, GPEN, GWAPT, GCIH, CPT, CCENT, CompTIA Trio.