11 Responses to “Windows 8 Clear Text Passwords from Locked Desktop with Mimikatz”

  1. Should indicate that you would have to setup the utliman exploit first then wait for someone to login with their password and lock their computer before you are able to run mimikatz and recover the password

    • Hi Will!

      Yeah, I kinda mentioned those facts.🙂

      First you need to be able to enable the system level command prompt from the login screen.”

      If no-one has logged onto the system yet, there are no passwords in memory for Mimikatz to pull.

      Thanks for the input!

      Dan

  2. also hope that their AV doesnt pick up the binary and erase it from your USB

    • Yeah, it didn’t, I was actually kind of surprised about that. I thought Mimikatz would trigger the built in MS AV. And the machine that I originally downloaded Mimikatz on didn’t trigger either.

      Or should I say, didn’t trigger yet, wait a week, lol.🙂

      Thanx again for the comment Will!

  3. […] See on cyberarms.wordpress.com […]

  4. […] CYBER ARMS – Computer Security … Last time I checked, the login bypass worked on all of Microsoft's Operating Systems (including Server) so making sure your systems are physically secure is of utmost importance.  […]

  5. Reblogged this on Yury Chemerkin.

  6. […] As a penetration tester, how cool would it be (if you had physical access to a system) to be able to grab the passwords off of a Windows system that was sitting at a locked login prompt? And what i…  […]

  7. Reblogged this on lava kafle kathmandu nepal.

  8. […] folks at Cyber Arms explain how to use Mimikatz to pull clear text passwords from a locked Windows 8 […]

  9. […] As a penetration tester, how cool would it be (if you had physical access to a system) to be able to grab the passwords off of a Windows system that was sitting at a locked login prompt?  […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: