云平台申请的windows虚机开通了花生壳内网版端口映射,打算手机远程办公,手机端安装Microsoft remote desktop apk。想法很美好,可惜电脑远程桌面的保存密码无法查看,wtf😂
花生壳内网版
freebuf每天一篇没有白刷,顿时灵光一现,思路清奇,一款上古神器mimikatz迎面走来,两条命令搞定windows密码:
1. 获得授权
mimikatz # privilege::debug
Privilege '20' OK
2.提取密码
mimikatz # sekurlsa::logonpasswords
Authentication Id : 0 ; 301402 (00000000:0004a22a)
Session : Interactive from 1
User Name : Administrator
Domain : AAAAA
Logon Server : AAAAA
Logon Time : 2018/4/16 17:27:20
SID : S-1-5-21-440956645-316166371-3431273197-500
msv :
[00010000] CredentialKeys
* NTLM : 0f13f7a133aaf39257f9ff244b98f4ef
* SHA1 : 7fda812cd33a8773fbaf47b3e5f10f53fbef162d
[00010000] CredentialKeys
* NTLM : 68c0d2136ef576aae29bf7e63f68f675
* SHA1 : c514611df6031e0f0465a6aaa34c976e2bea2f05
[00000003] Primary
* Username : Administrator
* Domain : AAAAA
* NTLM : 0f13f7d733c1f39257f9ff244b98f4ef
* SHA1 : 7fda882cd32a8773fbaf47b3e5f10f53fbef162d
tspkg :
wdigest :
* Username : Administrator
* Domain : AAAAA
* Password : ^__^
kerberos :
* Username : Administrator
* Domain : AAAAA
* Password : (null)
ssp :
credman :
[00000000]
* Username : AAAAA\de
* Domain : 10.11.11.11
* Password : 1232321
用时31秒 ✌️
网友评论