{"id":3067,"date":"2015-02-17T06:41:47","date_gmt":"2015-02-16T22:41:47","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3067"},"modified":"2015-02-17T06:41:54","modified_gmt":"2015-02-16T22:41:54","slug":"windows-credentials-editor-wce-list-add-change-logon-sessions","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2015\/02\/windows-credentials-editor-wce-list-add-change-logon-sessions\/","title":{"rendered":"Windows Credentials Editor (WCE) – List, Add & Change Logon Sessions"},"content":{"rendered":"
Windows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM\/NT hashes, plaintext passwords and Kerberos tickets).<\/p>\n
This tool can be used, for example, to perform pass-the-hash on Windows, obtain NT\/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.), obtain Kerberos tickets and reuse them in other Windows or Unix systems and dump cleartext passwords entered by users at logon.<\/p>\n
<\/p>\n
WCE is a security tool widely used by security professionals to assess the security of Windows networks via Penetration Testing. It supports Windows XP, 2003, Vista, 7, 2008 and Windows 8.<\/p>\n
WCE is aimed at security professionals and penetration testers. It is basically a post-exploitation tool to ‘steal’ and reuse NTLM hashes, Kerberos tickets and plaintext passwords which can then be used to compromise other machines. Under certain circumstances, WCE can allow you to compromise the whole Windows domain after compromising only one server or workstation.<\/p>\n
You can download WCE here:<\/p>\n
WCE v1.42beta<\/a> (32-bit)
\nWCE v1.42beta<\/a> (64-bit)<\/p>\n