Red Team/Blue Team Practice on Wdigest

Red Team/Blue Team Practice on Wdigest

Aarti S. Aarti S.

Aarti S.

Lead Pentester | OSCP|CISM| ISO27001-2013-Lead Auditor

发布日期: 2019年2月14日
+ 关注

In this article, we will show you the methods of protecting your system against MIMIKATZ that fetches password in clear text from wdigest. As you know the Pen-tester and the red team uses mimikatz for testing password capacity. For the complete information on how mimikatz works visit this link:

https://www.hackingarticles.in/understanding-guide-mimikatz/

Table of Contents

  • Introduction
  • System impacted
  • Demonstration on Windows 7
  • Disable WDigest (defending against mimikatz)
  • Demonstration on Windows 10
  • Enable WDigest in Windows 10
  • Enable WDigest via the registry key

Introduction of WDigest

WDigest.dll was introduced in the Windows XP operating system. in Windows XP, Microsoft added support for a protocol known as WDigest. The WDigest protocol is used for clients to send clear text credentials to Hypertext Transfer Protocol (HTTP) and Simple Authentication Security Layer (SASL) applications based on RFC 2617 and 2831. When the WDigest authentication protocol is enabled, clear text password is stored, where it can be at risk of theft.

System Impacted

The problem with WDigest is that it stores passwords in memory in clear-text and it can be extracted by using MIMIKATZ. The following OS’s are impacted: Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008R2, and Windows Server 2012.

Full Article Read here

要查看或添加评论,请登录

Aarti S.的更多文章

  • HIRING
    2024年4月16日

    HIRING

    Location - India (Remote) Job Type - Full Time Experience - Entry Level (1-3 Years) Job Summary: We are seeking a…

  • Data Exfiltration using PowerShell Empire
    2019年5月27日

    Data Exfiltration using PowerShell Empire

    In our previous post, we had already discussed “Command and Control with DropboxC2” But we are going to demonstrate…

  • Development: Vulnhub Walkthrough
    2019年5月17日

    Development: Vulnhub Walkthrough

    Today we are going to take on another challenge known as “DEVELOPMENT”. This is designed for OSCP practice, and the…

  • Hack the Box : Irked Walkthrough
    2019年4月28日

    Hack the Box : Irked Walkthrough

    Today we are going to solve another CTF challenge “irked”. It is a retired vulnerable lab presented by Hack the Box for…

  • Hack the Box: Teacher Walkthrough
    2019年4月24日

    Hack the Box: Teacher Walkthrough

    oday we are going to solve another CTF challenge “Teacher”. It is a retired vulnerable lab presented by Hack the Box…

  • Covert Channel: The Hidden Network
    2019年4月21日

    Covert Channel: The Hidden Network

    Generally, the hacker uses a hidden network to escape themselves from firewall and IDS such. In this post, you will…

  • SP eric: Vulnhub Lab Walkthrough
    2019年4月17日

    SP eric: Vulnhub Lab Walkthrough

    Hello friends! Today we are going to take another CTF challenge known as “SP eric”. The credit for making this VM…

  • Command & Control: WebDav C2
    2019年4月14日

    Command & Control: WebDav C2

    In this article, we will learn how to use WebDav C2 tool. Table of Content: Introduction Installation Exploiting Target…

  • Comprehensive Guide on Netcat
    2019年4月2日

    Comprehensive Guide on Netcat

    his article will provide you with the basic guide of Netcat and how to get a session from it using different methods…

    4 条评论
  • Empire GUI: Graphical Interface to the Empire Post-Exploitation Framework
    2019年3月27日

    Empire GUI: Graphical Interface to the Empire Post-Exploitation Framework

    This is our 8th post in the series of the empire which covers how to use empire as GUI. Empire has a great GUI…

社区洞察

其他会员也浏览了