Phish domain user credentials with CredsLeaker with Powershell

CredsLeaker is a powershell script that phishes information from the user. It will popup a user authentication box – The script will check the details against the domain controller until it has valid credentials.  Normally this screen is pretty common in a domain scenario and the user may have seen this box before. Once CredsLeaker … Read morePhish domain user credentials with CredsLeaker with Powershell

Remotely stealing windows credentials with WordSteal

Microsoft Word has the ability to include images from remote locations. This is an undocumented feature but was found used by malware creators to include images through http for statistics. We can also include remote files to a SMB server and the victim will authenticate with his logins credentials. This is very useful during a … Read moreRemotely stealing windows credentials with WordSteal

Stealing Credentials (Metasploit)

This document will start from you having an open session to a target machine; as well as having local administrator access on the target machine; ideally through a reverse TCP connection. Once you have an active session through any exploit of your choosing; proceed with stealing credentials from the target system. Step 1: Select the … Read moreStealing Credentials (Metasploit)