gimini / powermemory
Exploit the credentials present in files and memory
License: Other
Whenever I try to run the White Rabbit script from the RWMC folder in PowerShell ISE, it tells me:
The script need an Internet Connection to run
Script terminating...
Even though I have a very good connection.
How do I fix this?
Hi,
I generated a dump of memory from a VM running on an ESXi.
The script runs but the output is:
Login : ?????...?.????.?โด.??.???????????
Wonder if I am doing something wrong and you experienced similar results in the past.
Thanks.
I've run it 4 times; the first two failed
--- Script terminating ---
+++++++++++++++++++++++++++++++++++++++++
The 3rd and 4th times do make the lsass.dmp file, and the results are:
Login : rrumble
Password :
Login : rrumble
Password :
Login : PC007$
Password :
Login :
Password :
Login : PC007$
Password :
Login : PC007$
Password :
Login : ????????????????????????????????
Password :
+++++++++++++++++++++++++++++++++++++++++
\ /\ Follow the white Rabbit :-)
( ) [email protected]
.( @ ).
Do you want use Active Directory cmdlets ?
Enter menu number and press : 2
Local computer, Remote computer or from a dump file ?
Enter menu number and press : 3
Enter the path of your lsass process dump: C:\Intel\PowerMemory-master\20160126062143
Mode (3 (Windows 2003), 1 (Win 7 and 2008r2), 132 (Win 7 32 bits), 2 (Win 8 and 2012), 2r2 (Win 10 and 2012r2), 232 (Win 10 32 bits) 8.1 (Win 8.1) or 2016 (Windows Server 2016))?: 2r2
Try to reveal password for Windows 10 or 2012r2
Do you want to exfiltrate the data (pastebin) ?
Enter menu number and press : 2
Do you want to clear event log on this local computer ?
Enter menu number and press : 2
(see screenshot: http://snag.gy/aeE9A.jpg)
Windows 7 32 bit does not seem to be supported. It maps to mode 132, which is considered a "supported OS" by the script. Then it calls Get-SupportedSystemsInformations, which only initially sets the $start variable for modes 1, 2, 8.1, "2r2", "2016", and "232". This leads to a bunch of errors related to the variables not being set, and the passwords are not retrieved (the usernames are, though).
The variable '$start' cannot be retrieved because it has not been set.
At C:\users\myuser\Desktop\PowerMemory-master\RWMC\supportedOS\Get-InformationsFromSupportedOS.ps1:29 char:22
$value = $start
~~~~~~
Ran Get-ActiveDirectoryInfo received data back, but ran into Visio error stating "You are trying to save a file type (Visio 2000-2002 Binary Drawings), Templates and Stencils, which has been blocked by your File Block settings in the Trust Center."
I unchecked every box in Visio File Block settings, tested with Microsoft Active Directory Topology Diagrammer to see if the stencils would load and draw in Visio, which they only did in MS ADTD. For some reason, I am still receiving this error when running the Get-ActiveDirectoryInfo script.
Just checking to see if anyone has run into this before.
Not found in Empire.
Can you tell me what the name of the module is?
Script not working, just spams a bunch of links in the powershell window. Doesn't actually crash on Windows 8 and Windows 10. I haven't tried it on Windows 7 though.