Jump to content

[PAYLOAD] QuickCreds


Darren Kitchen
 Share

Recommended Posts

  • 1 month later...

I ran Responder for about ~13 minutes on a locked screen. I added a few words to the payload so it saves the output of Responder in a .txt file

Open a shell, cd to the directory where you saved it and type "cat respondertext.txt", so you can view it correctly.

Anyone has ideas how I get to the hashes? It looks like it just finds nothing.

respondertext.txt

Link to comment
Share on other sites

  • 4 weeks later...

You know I thought that too but a fresh install of Win10 1903 and I still get hashes running quickcreds.  So I have no idea why it still works on mine.  I suppose I could leave the machine on for a while and let Billy-Bob install a bunch of updates and see if I still get hashes after that.  Might be interesting to see. 

Link to comment
Share on other sites

  • 1 month later...

@Bob123 I think I got the solution finally.

I have a Microsoft account as account on both my laptop and PC, so I can synchronize with OneDrive between them. As I said, I left it for 20 minutes and it didn't work.

OK, so here is the solution: I tried it on another computer with a local account and not a microsoft account and guess what, after it booted up it instantly grabbed the hashes, like literally instantly.

So for anyone who had the same problem as me, it only works on local accounts. But it still works.

I'm so happy I finally found the answer.

Link to comment
Share on other sites

That's interesting.  I've never tried it on a computer with an MS connected account.  I'll have to give that a shot.  I wonder how that works, if it actually keeps a hash on the computer since it isn't a local account.  But that's cool I'm glad you got it to work.

Link to comment
Share on other sites

I do not know exactly how many of the private users use a ms account, but what I know, is that almost every company uses local accounts for their employees. That means, if you'd use it on the field, depending on where you use it and in which environment, you'll probably be successful. 

Link to comment
Share on other sites

  • 4 months later...
  • 1 year later...
  • 1 month later...
  • 4 weeks later...
On 11/18/2021 at 12:49 PM, dark_pyrro said:

I used QuickCreds yesterday (with the latest Responder version) and I got loot (even from one of my Enterprise/domain joined Win 10 boxes).

Check my post (and at least parts of the post before that one in the same thread) and you should be able to get it working.

 

I have some troubles with you support for python 3. If i run the command make for openssl it tell me a failure:

Makefile:4128: recipe for target 'configdata.pm' failed
make: *** [configdata.pm] Error 1

Link to comment
Share on other sites

9 minutes ago, l3z said:

I have some troubles with you support for python 3. If i run the command make for openssl it tell me a failure:

Makefile:4128: recipe for target 'configdata.pm' failed
make: *** [configdata.pm] Error 1

Ok I have my prob solved it was the timezone...

Link to comment
Share on other sites

 

On 11/18/2021 at 12:49 PM, dark_pyrro said:

I used QuickCreds yesterday (with the latest Responder version) and I got loot (even from one of my Enterprise/domain joined Win 10 boxes).

Check my post (and at least parts of the post before that one in the same thread) and you should be able to get it working.

 

He i have trouble with install the rustc it will not work. After the install it show me rtc doesn´t exists. Do you know this problem?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...