🆕Dump DPAPI

Dump DPAPI credentials using NetExec

You can dump Credential Manager secrets for the connecting user with the --dpapi option. No admin privileges are needed.

nxc winrm <ip> -u user -p password --dpapi

Example

The Puppy machine on HackTheBox is a good example of this technique.
