search
NetExec GithubNetexec Lab
githubEdit

🆕Dump DPAPI

Dump DPAPI credentials using NetExec

You can dump Credential Manager secrets for the connecting user with the following option: --dpapi. No Admin privileges needed!

nxc winrm <ip> -u user -p password --dpapi

hashtag
Example

The Puppy machine on HackTheBox is a good example of this technique

LogoJoin The Best Hacking Community Worldwide | Hack The BoxHack The Boxchevron-right
PreviousDump LSANextPassword Spraying

Last updated

Was this helpful?