Jump to content

[PAYLOAD] QuickCreds


Recommended Posts

  • 1 month later...
  • Replies 84
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

I'm also getting this issue, and I couldn't find a fix for this. Any suggestions??

https://github.com/hak5/bashbunny-payloads/tree/master/payloads/library/QuickCreds Snags credentials from locked or unlocked machines Based on the attack by Mubix of Room362.com Implements a resp

Violation of CoC

I ran Responder for about ~13 minutes on a locked screen. I added a few words to the payload so it saves the output of Responder in a .txt file

Open a shell, cd to the directory where you saved it and type "cat respondertext.txt", so you can view it correctly.

Anyone has ideas how I get to the hashes? It looks like it just finds nothing.

respondertext.txt

Link to post
Share on other sites
  • 4 weeks later...

You know I thought that too but a fresh install of Win10 1903 and I still get hashes running quickcreds.  So I have no idea why it still works on mine.  I suppose I could leave the machine on for a while and let Billy-Bob install a bunch of updates and see if I still get hashes after that.  Might be interesting to see. 

Link to post
Share on other sites
  • 1 month later...

@Bob123 I think I got the solution finally.

I have a Microsoft account as account on both my laptop and PC, so I can synchronize with OneDrive between them. As I said, I left it for 20 minutes and it didn't work.

OK, so here is the solution: I tried it on another computer with a local account and not a microsoft account and guess what, after it booted up it instantly grabbed the hashes, like literally instantly.

So for anyone who had the same problem as me, it only works on local accounts. But it still works.

I'm so happy I finally found the answer.

Link to post
Share on other sites

That's interesting.  I've never tried it on a computer with an MS connected account.  I'll have to give that a shot.  I wonder how that works, if it actually keeps a hash on the computer since it isn't a local account.  But that's cool I'm glad you got it to work.

Link to post
Share on other sites

Good to know.  Haven't tried it either on a MS account linked machine.  I personally dislike how you have to create/have an account on consumer system now for login just then to switch it back to local...

Link to post
Share on other sites

I do not know exactly how many of the private users use a ms account, but what I know, is that almost every company uses local accounts for their employees. That means, if you'd use it on the field, depending on where you use it and in which environment, you'll probably be successful. 

Link to post
Share on other sites
  • 4 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.


×
×
  • Create New...