Vry4n is a Security Engineer, focused on Offensive/Defensive techniques.
"I believe that knowledge should be free shared with world."
NTDS.DIT These hashes are stored in a database file in the domain controller (NTDS.DIT) with some additional information like group memberships and users. The NTDS.DIT file is constantly in use by the operating system and Read more…
Cached domain logon information Windows caches previous users’ logon information locally so that they can log on if a logon server is unavailable during later logon attempts. If a domain controller is unavailable and a Read more…
In Windows 10 we can also gather credentials. This guide is focused on techniques that work in Windows 10. The attacker need at least an account or shell in the server That user need administrative Read more…
This time our target is Windows 7, having a reverse connection and appropriate privileges we can gather hashes, this is part of post exploitation activity. Metasploit Hashdump With hashdump meterpreter command we can extract hashes, Read more…
This is to demonstrate different techniques to extract Windows users’ password. We need admin privileges to gather this information. Metasploit Hashdump Having a meterpreter session we can execute the command “hashdump” to get the values Read more…
Most of the theory here has been taken from SANS documentation (https://www.sans.org/reading-room/whitepapers/testing/paper/39170) . This is intended to provide a summary about NT hashes and Pass the hash. LM Password Hashes The LAN Manager hash was Read more…