Credential Theft Windows 10

Anyone know what Windows 10's attack surface is from credential theft vulnerabilities even with Credential Guard in place? I can't imagine this is the silver bullet that MS says it is, has anyone done any testing or seen any vulnerabilities specific to WX?

Find more posts tagged with

Comments

gespenstern

If you have 10 just download and run mimikatz and wce and see what they are able to recover. All other tools relying on similar techniques or incorporating mimikatz functionality such as PowerSploit or Metasploit won't show anything if these two won't work.

In addition to grabbing NT hashes, Kerberos tickets and plain-text passwords from lsass.exe try to use these tools to get the passwords from lsass.exe memory ****, full memory ****, hiberfil.sys.

fmitawaps

All my computers are on Windows 7, and they are staying that way. I don't need 10, and will all the information that 10 steals and reports to Microsoft, I don't need it even more.

gespenstern

fmitawaps wrote: »

All my computers are on Windows 7, and they are staying that way. I don't need 10, and will all the information that 10 steals and reports to Microsoft, I don't need it even more.

I've read that MS gets a little back by promising to introduce controls for enterprise to disable this feature. Also, it existed for decades in the form of windows error reporting and other telemetry tech, many other companies do that, such as anti-virus vendors, etc. Besides, you can disable it using varioius tricks or by downloading and installing 3rd party software if you are lazy.

Also, I suppose you aren't writing this post from your Chrome browser or Android phone, cause Google owns everything by default, are you?

SaSkiller

gespenstern wrote: »

If you have 10 just download and run mimikatz and wce and see what they are able to recover. All other tools relying on similar techniques or incorporating mimikatz functionality such as PowerSploit or Metasploit won't show anything if these two won't work.

In addition to grabbing NT hashes, Kerberos tickets and plain-text passwords from lsass.exe try to use these tools to get the passwords from lsass.exe memory ****, full memory ****, hiberfil.sys.

Im not doing it, i have no experience with it and i certainly dont have a copy of w10 enterprise properly configured. I figured someone has to have tested this by now. Saw a YT video on one, but it was pro. Supposedly this is only on enterprise.