During a recent CTF there was a challenge to get the plaintext password from an lsass.exe dump on a windows 11 machine. Since wdigest is disabled by default in windows 11 there was no support for this in pypykatz, but by simply adding the following code, everything works as expected.
Thanks again for a great tool :)
also added the lsass dump file from the CTF below so you can verify it works
During a recent CTF there was a challenge to get the plaintext password from an lsass.exe dump on a windows 11 machine. Since wdigest is disabled by default in windows 11 there was no support for this in pypykatz, but by simply adding the following code, everything works as expected.
Thanks again for a great tool :) also added the lsass dump file from the CTF below so you can verify it works
lsass.tar.gz