Chapter 7: Windows Password Mining

An important privilege escalation attack vector that usually goes unexplored is the process of searching for locally stored credentials on the target system. This process involves searching for specific passwords and password hashes that can then be used to elevate privileges directly, without the use of any exploits.

This chapter will focus on the process of searching for passwords and dumping password hashes on the target system by using various utilities and techniques.

We will also take a look at how Windows NT LAN Manager (NTLM) hashes can be cracked and utilized to elevate privileges on a target system.

In this chapter, we're going to cover the following main topics:

  • What is password mining?
  • Searching ...

Get Privilege Escalation Techniques now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.