From 8c2778e1cad3f09366e1ba64cb3e132251fcfaf1 Mon Sep 17 00:00:00 2001 From: "Nikhil \"SamratAshok\" Mittal" Date: Fri, 1 Jan 2016 18:56:22 +0530 Subject: [PATCH] This also fixes the Issues #29 --- Gather/Invoke-MimikatzWDigestDowngrade.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gather/Invoke-MimikatzWDigestDowngrade.ps1 b/Gather/Invoke-MimikatzWDigestDowngrade.ps1 index 77692f3..4a28b0f 100644 --- a/Gather/Invoke-MimikatzWDigestDowngrade.ps1 +++ b/Gather/Invoke-MimikatzWDigestDowngrade.ps1 @@ -15,7 +15,7 @@ If the RDP switch is not used. The script locks the machine. As soon as a user u Invoke-Mimikatz function is executed to dump passwords in plain text. -The registry property added previously is removed in both the cases. +The registry property added previously to force using WDigest is removed in both the cases. The registry hack is borrowed from below post on TrustedSec's website: https://www.trustedsec.com/april-2015/dumping-wdigest-creds-with-meterpreter-mimikatzkiwi-in-windows-8-1/