illmob.org

Capturing Windows Logon Credentials

November 3rd, 2013 by admin in cracking, Privilege Escalation, windows


Microsoft's GINA technology, which stands for Graphical Identification ‘N Authentication, is responsible for graphically handling logon requests when events such as CTRL-ALT-DEL are received. Tyler Wrightson finally released his modified GINA stub that silently logs usernames and domains for XP and Win2k. You can download it here. More information about how GINA works can be found in his excellent blog post.

This will not work on Vista and later operating systems, as they have switched to the Credential Provider model. Microsoft claims the reasoning behind this is to make it easier for developers to meet the demands of next-generation authentication technologies (like biometrics, two-factor and single sign-on). Have no fear: he also released a version for Vista/7 here. More information can be found in his blog post.
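For defenders, both mechanisms leave a registry footprint. The following is an added example, not code from the post or from Tyler Wrightson's tools: it audits decoded `reg export` text for a replaced GINA or a credential provider missing from a known-good baseline. The registry paths are the standard Windows registration points and are not taken from the page; the sample export, DLL name, CLSIDs and function names are constructed.

```python
import re

# Real Windows registry locations (well-known paths, not taken from the page).
WINLOGON = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
PROVIDERS = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"
             r"\Authentication\Credential Providers")

# Constructed sample export; the DLL name and CLSIDs are placeholders.
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"GinaDLL"="C:\\WINDOWS\\system32\\examplegina.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{11111111-1111-1111-1111-111111111111}]
@="BaselineProvider"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{22222222-2222-2222-2222-222222222222}]
@="ExampleProvider"
"""

def parse_reg(text):
    """Parse decoded .reg text into {key_path: {value_name: string_data}}."""
    keys, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None:
            m = re.match(r'^(?:"(?P<name>[^"]*)"|@)="(?P<data>.*)"$', line)
            if m:  # string values only; "@" is the key's default value
                current[m.group("name") or "@"] = m.group("data").replace("\\\\", "\\")
    return keys

def audit(text, baseline_clsids):
    """Return findings for a replaced GINA or an unbaselined credential provider."""
    baseline = {c.lower() for c in baseline_clsids}
    findings = []
    for path, values in parse_reg(text).items():
        low = path.lower()
        if low == WINLOGON.lower():
            for name, data in values.items():
                # Stock XP/2000 has no GinaDLL value and loads msgina.dll.
                if name.lower() == "ginadll" and data.lower() != "msgina.dll":
                    findings.append(("gina", data))
        elif low.startswith(PROVIDERS.lower() + "\\"):
            clsid = low[len(PROVIDERS) + 1:]
            if "\\" not in clsid and clsid not in baseline:
                findings.append(("credential-provider", clsid, values.get("@", "")))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE, ["{11111111-1111-1111-1111-111111111111}"]))
```

Build the baseline from a clean image of the same OS build, since legitimate third-party providers (smart card, VPN, biometric software) also register under the Credential Providers key.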
