During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with Mimikatz. Which of the following registry changes would allow for credential caching in memory?
A) reg add HKLM\System\ControlSet002\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 0
B) reg add HKCU\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
C) reg add HKLM\Software\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
D) reg add HKLM\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
Correct Answer:
Verified
Q63: A tester has determined that null sessions
Q64: A penetration tester runs the following from
Q65: A consultant is performing a social engineering
Q66: Joe, an attacker, intends to transfer funds
Q67: After establishing a shell on a target
Q69: Given the following: http://example.com/download.php?id-.../.../.../etc/passwd Which of the
Q70: A tester intends to run the following
Q71: Joe, a penetration tester, has received basic
Q72: A recently concluded penetration test revealed that
Q73: A company planned for and secured the
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents