search

gentilkiwi / mimikatz

A little tool to play with Windows security
http://blog.gentilkiwi.com/mimikatz
19.51k stars 3.75k forks source link

sekurlsa::logonPasswords does not show password #204

Closed ilovefood2 closed 5 years ago

ilovefood2 commented 5 years ago

I was trying to test program following instructions from wiki and for basic passwords retrieval the program does not show anything, even though my password is simple as one letter.

environment : win10 x64 1803 no antivirus disabled windows defender powershell was run under administrator privilege ` mimikatz # privilege::debug Privilege '20' OK

mimikatz # sekurlsa::logonPasswords

Authentication Id : 0 ; 6518309 (00000000:00637625) Session : RemoteInteractive from 3 User Name : testuser Domain : COMPUTER Logon Server : COMPUTER Logon Time : 4/22/2019 3:01:54 AM SID : S-1-5-21-1089944888-3404997787-2047992866-1002 msv : [00000003] Primary

no matter how I tried, passwords always showed ### null

any idea why?

super0xbad1dea commented 5 years ago

WDigest should be disabled by default in Win10 1803, this could be the reason.

ilovefood2 commented 5 years ago

then what can we do in this case?

xixiranran commented 5 years ago

WDigest should be disabled by default in Win10 1803, this could be the reason.

this is not the reason?i cannot make it works.

super0xbad1dea commented 5 years ago

Dudes, if you wanna play with this, just search it how to enable WDigest. Be curious.

Look here: http://woshub.com/how-to-get-plain-text-passwords-of-windows-users/

Enable WDigest (Plz only in your Lab) reg add HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest /v UseLogonCredential /t REG_DWORD /d 1

ilovefood2 commented 5 years ago

I don't think this is the cause since I tried on another win10 machine and passwords showed up. the only thing different with those two machines is that one is non-domain, the other is. so I guess this tool doesn't work on non-domain user accounts?

xixiranran commented 5 years ago

Dudes,如果你想玩这个,只需搜索它如何启用WDigest。保持好奇心。

请看这里:http//[woshub.com/how-to-get-plain-text-passwords-of-windows-users/](http://woshub.com/how-to-get-plain-text-passwords-of-windows-users/)

启用WDigest(仅在实验室中使用Plz) reg add HKLM \ SYSTEM \ CurrentControlSet \ Control \ SecurityProviders \ WDigest / v UseLogonCredential / t REG_DWORD / d 1

I Have tried it but it not works.

gentilkiwi commented 5 years ago

https://github.com/gentilkiwi/mimikatz/issues/40#issuecomment-220830921