search

Credential Hunting

hashtag
Key Terms to Search

Passwords
Passphrases
Keys

Username

User account

Creds

Users

Passkeys

Passphrases

configuration

dbcredential

dbpassword

pwd

Login

Credentials

hashtag
Using Lazagne

LogoGitHub - AlessandroZ/LaZagne: Credentials recovery projectGitHubchevron-right

hashtag
Using findstr

Here are some other places we should keep in mind when credential hunting:

  • Passwords in Group Policy in the SYSVOL share

  • Passwords in scripts in the SYSVOL share

  • Password in scripts on IT shares

  • Passwords in web.config files on dev machines and IT shares

  • unattend.xml

  • Passwords in the AD user or computer description fields

  • KeePass databases --> pull hash, crack and get loads of access.

  • Found on user systems and shares

  • Files such as pass.txt, passwords.docx, passwords.xlsx found on user systems, shares, Sharepoint

PreviousActive Directory and NTDS.ditNextLinux Local Password Attacks

Last updated