Tuesday, May 17, 2022


The Security Account Manager (SAM) file contains the password hashes of the users on a Windows system. Since it is considered a sensitive file, SYSTEM-level privileges are required to view its contents. SAM is therefore a file of interest in any pentest engagement, as password hashes could be retrieved for offline cracking once local privilege escalation has been achieved. However, as discovered by Jonas Lyk, various versions of Windows 10 and Windows 11 allow a standard user to read …

