3 box enum jason
#winpeas.exe needs .NET v4.0
dir /b %windir%\Microsoft.NET\Framework\v*
v1.0.3705
v1.1.4322
v2.0.50727
v4.0.30319
systeminfo
Host Name: ATOM
OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.19042 N/A Build 19042
System Type: x64-based PC
PEAS
[+] Cached Creds
[?] If > 0, credentials will be cached in the registry and accessible by SYSTEM user https://book.hacktricks.xyz/windows/stealing-credentials/credentials-protections#cached-credentials
cachedlogonscount is 10
[+] UAC Status
[?] If you are in the Administrators group check how to bypass the UAC https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#basic-uac-bypass-full-file-system-access
ConsentPromptBehaviorAdmin: 5 - PromptForNonWindowsBinaries
EnableLUA: 1
LocalAccountTokenFilterPolicy: 1
FilterAdministratorToken: 1
[*] LocalAccountTokenFilterPolicy set to 1.
[+] Any local account can be used for lateral movement.
[+] Looking for AutoLogon credentials
Some AutoLogon credentials were found
DefaultDomainName : ATOM
DefaultUserName : jason
=(Services Information)=
Redis(Redis)["C:\Program Files\Redis\redis-server.exe" --service-run "C:\Program Files\Redis\redis.windows-service.conf"] - Auto - Running
This service runs the Redis server
=(Windows Credentials)=
Username: ATOM\jason
Password: kidvscat_electron_@123
Target: ATOM\jason
PersistenceType: Enterprise
LastWriteTime: 3/31/2021 2:53:49 AM
[+] Enumerating Security Packages Credentials
Version: NetNTLMv2
Hash: jason::ATOM:1122334455667788:96058f83c601a41e3409a43102c4e976:0101000000000000dbd5c5f77640d70153d0865d0c559bc9000000000800300030000000000000000000000000200000a2802b8f2d721bdccd6ca4da5c452c2a3bed3183d330ad5fdc93f7fcd51516aa0a00100000000000000000000000000000000000090000000000000000000000
[+] Looking for possible password files in users homes
[?] https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#credentials-inside-files
C:\Users\All Users\Microsoft\UEV\InboxTemplates\RoamingCredentialSettings.xml
[+] Looking for documents --limit 100--
C:\Users\jason\Downloads\PortableKanban\User Guide.~pdf
C:\Users\jason\Documents\UAT_Testing_Procedures.pdf
Last updated