Jump to content

eeeeeesy

Active Members
  • Content Count

    23
  • Joined

  • Last visited

About eeeeeesy

  • Rank
    Hak5 Fan

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I also tried nishangs mimikatz with the command Invoke-Mimikatz -Command dpapi::chrome /in:"%localappdata%\Google\Chrome\User Data\Default\Login Data" /unprotect But I get this error about /unprotect so its not decrypting the login data from chrome. Invoke-Mimikatz : A positional parameter cannot be found that accepts argument '/unprotect'. At C:\Users\user4\Desktop\newest working mimikats by nishang\Invoke-Mimikatz.ps1:2754 char:1 + Invoke-Mimikatz -Command dpapi::chrome /in:"%localappdata%\Google\Chr ... Could you tell me what I'm doing wrong?
  2. Is there a working Get-ChromeDump.ps1 or Get-SessionCookieDump.ps1 or nishangs Get-WebCredentials.ps1? or do you know how to get the Empire version of ChromeDump.ps1 to work? When I run the empire version, it dumps the search history fine but when it dumps the username and password the password does not show up, just the username and search history shows up. I also get an error when running Get-ChromeDump.ps1. Here is the error when running Get-ChromeDump.ps1 Exception calling "Unprotect" with "3" argument(s): "The parameter is incorrect. " At line:153 char:9 + $decrypt
  3. @Darren Kitchenis there a payload for bruteforcing old ipad pins? and do you have the link? also would need to know what ducky firmware to use for that. im thinking twin duck c_duck 2.0 firmware.
  4. How can I do all that though? It might take a while to post all that on here, so can you come on irc.hak5.org #hak5 and help me when you have time please?
  5. @PoSHMagiC0de I'm just trying to use it to dump passwords from memory . Any idea how i do that?
  6. @PoSHMagiC0de Ok so I got the BC security empire invoke-mimkatz 11-25th update just now and i still have the same error 0x2 which means .dmp file is not found even when running as administrator and bypassing uac. I've done a search on my entire c drive for lsass.dmp and cant find it because the .dmp file is never created. Can you please post a link directly to the invoke-mimikats.ps1 that I should try? Maybe I still have the wrong one. Invoke-Mimikatz -Command '"log %TEMP%\mimikatz.log" "privilege::debug" "sekurlsa::minidump %TEMP%\lsass.dmp" "sekurlsa::tspkg"' mimika
  7. So do you have this totally decoded invoke-mimikatz script that I can check the save path of the .dmp file?
  8. @PoSHMagiC0de Thank you for your response. I managed to get this powershell script working with this command as administrator Invoke-Mimikatz -Command '"privilege::debug" "sekurlsa::minidump lsass.dmp" "sekurlsa::tspkg"' I read that minidump still works instead of the lsa permission method. Now the only error i get is error 0x2 which is a file not found error because tspkg cant find the .dmp file. I cant find minidump in the script to see if the proper code is there to create the .dmp file or what path the .dmp file might be saving to, and I believe the minidump code mig
  9. @PoSHMagiC0de Compared to the rest, this script actually runs. Thank you, but I'm having a small problem. My issue is that I get a memory error and it exits. But at least its not a code error. Can you tell me what I'm doing wrong? Here is the error. .#####. mimikatz 2.1.1 (x64) built on Aug 3 2018 17:05:14 - lil! .## ^ ##. "A La Vie, A L'Amour" - (oe.eo) ## / \ ## /*** Benjamin DELPY `gentilkiwi` ( benjamin@gentilkiwi.com ) ## \ / ## > http://blog.gentilkiwi.com/mimikatz '## v ##' Vincent LE TOUX ( vincent.letoux@
  10. function Get-Keystrokes { <# .SYNOPSIS Logs keys pressed, time and the active window. PowerSploit Function: Get-Keystrokes Author: Chris Campbell (@obscuresec) and Matthew Graeber (@mattifestation) License: BSD 3-Clause Required Dependencies: None Optional Dependencies: None .PARAMETER LogPath Specifies the path where pressed key details will be logged. By default, keystrokes are logged to %TEMP%\key.log. .PARAMETER CollectionInterval Specifies the interval in minutes to capture keystrokes. By default, keystrokes are captured indefinitely. .PA
  11. do you think this will work? the Moblin Live Image | moblin.org
  12. yes but if i use the name qtparted at the end of my google search then i might find a post where somone has a similar problem. right?
  13. im doing a google search to see what i find for mount: can't find /dev/sdc1/ in /etc/fstab or /etc/mtab qtparted maybe it will help EDIT: I dont want to try creating a new fstab entry because im sure a different sd card will work but im not letting 4gb go to waste so easily so ill keep looking
  14. mount point /mountpoint does not exist
  15. mount: can't find /dev/sdc1/ in /etc/fstab or /etc/mtab
×
×
  • Create New...