Windows Credentials Editor v1.0 - List, Add & Edit Logon Sessions - Darknet

14 October 2010 | 13,915 views

Windows Credentials Editor v1.0 – List, Add & Edit Logon Sessions

Windows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks.

Supported Platforms

Supports Windows XP, 2003, Vista, 7 and 2008 (Vista was not actually tested yet, but it should work).

Options

Windows Credentials Editor provides the following options:

        -l         List logon sessions and NTLM credentials (default).
        -s         Changes NTLM credentials of current logon session.
                   Parameters: <UserName>:<DomainName>:<LMHash>:<NTHash>.
        -r         Lists logon sessions and NTLM credentials indefinitely.
                   Refreshes every 5 seconds if new sessions are found.
                   Optional: -r<refresh interval>.
        -c         Run <cmd> in a new session with the specified NTLM credentials.
                   Parameters: <cmd>.
        -e         Lists logon sessions NTLM credentials indefinitely.
                   Refreshes every time a logon event occurs.
        -o         saves all output to a file.
                   Parameters: <filename>.
        -i         Specify LUID instead of use current logon session.
                   Parameters: <luid>.
        -d         Delete NTLM credentials from logon session.
                   Parameters: <luid>.
        -v         verbose output.

-l List logon sessions and NTLM credentials (default).

-s Changes NTLM credentials of current logon session.

Parameters: <UserName>:<DomainName>:<LMHash>:<NTHash>.

-r Lists logon sessions and NTLM credentials indefinitely.

Refreshes every 5 seconds if new sessions are found.

Optional: -r<refresh interval>.

-c Run <cmd> in a new session with the specified NTLM credentials.

Parameters: <cmd>.

-e Lists logon sessions NTLM credentials indefinitely.

Refreshes every time a logon event occurs.

-o saves all output to a file.

Parameters: <filename>.

-i Specify LUID instead of use current logon session.

Parameters: <luid>.

-d Delete NTLM credentials from logon session.

Parameters: <luid>.

-v verbose output.

You can download Windows Credentials Editor v1.0 here:

wce_v1.0.tgz

Subscribe to Darknet RSS Feed

Follow @THEdarknet

Recent in Hacking Tools:
- Web-Sorrow v1.48 – Version Detection, CMS Identification, Enumeration & Server Scanning Tool
- CrowdRE – Crowdsourced Reverse Engineering Service From CrowdStrike
- XMPPloit – A Tool to Attack XMPP Connections

Related Posts:
- Pass-The-Hash Toolkit v1.1 Available for Download
- Pass-The-Hash Toolkit v1.3 is Available for Download
- Pass-The-Hash Toolkit v1.4 Released for Download

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,794,437 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 992,368 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 587,512 views

One Response to “Windows Credentials Editor v1.0 – List, Add & Edit Logon Sessions”

hcx 14 October 2010 at 2:01 pm Permalink

or : gsecdump.exe -a

Darknet – The Darkside

Ethical Hacking, Penetration Testing & Computer Security

Windows Credentials Editor v1.0 – List, Add & Edit Logon Sessions

One Response to “Windows Credentials Editor v1.0 – List, Add & Edit Logon Sessions”

Search Darknet

Subscribe

Freebies!

Navigation

Sponsors

Users Online

Recent Comments

Recent Articles

Topics

Twitter