"Experimental Purpose"
1). Understand how the Windows password is read in Getpass local memory
2) Learn the process of reading the Windows password in Getpass local memory
"Experimental principle"
What we learned before was to get the management password by getting Sam and cracking Sam, today we are introducing the Getpass software, which was developed in 2012 to get windows in the Active state account plaintext password directly from Lsass.exe. Faster and more accurate than cracking Sam.
"Experimental Environment"
Getpass is often used by hackers when they have already obtained the target system Webshell, and have system permission to operate, this experiment we completed in this machine.
"Experimental Steps"
First, password cracking
1.1 Opening Getpass.exe
1.2 Double click to open the software, you can get the Windows login password directly
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/77/A4/wKioL1ZqeFaQvbzvAACnIThS0r8091.png "style=" float: none; "title=" 66666.png "alt=" Wkiol1zqefaqvbzvaacniths0r8091.png "/>
Windows password security and crack--getpass local memory read Windows password