Nytro Posted February 17, 2015 Report Posted February 17, 2015 Windows Credentials Editor (WCE) – List, Add & Change Logon SessionsWindows Credentials Editor (WCE) is a security tool to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes, plaintext passwords and Kerberos tickets).This tool can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.), obtain Kerberos tickets and reuse them in other Windows or Unix systems and dump cleartext passwords entered by users at logon.WCE is a security tool widely used by security professionals to assess the security of Windows networks via Penetration Testing. It supports Windows XP, 2003, Vista, 7, 2008 and Windows 8.FeaturesPerform Pass-the-Hash on Windows‘Steal’ NTLM credentials from memory (with and without code injection)‘Steal’ Kerberos Tickets from Windows machinesUse the ‘stolen’ kerberos Tickets on other Windows or Unix machines to gain access to systems and servicesDump cleartext passwords stored by Windows authentication packagesWCE is aimed at security professionals and penetration testers. It is basically a post-exploitation tool to ‘steal’ and reuse NTLM hashes, Kerberos tickets and plaintext passwords which can then be used to compromise other machines. Under certain circumstances, WCE can allow you to compromise the whole Windows domain after compromising only one server or workstation.You can download WCE here:WCE v1.42beta (32-bit)WCE v1.42beta (64-bit)Or read more here.Sursa: http://www.darknet.org.uk/2015/02/windows-credentials-editor-wce-list-add-change-logon-sessions/ Quote
