CredPhish - A PowerShell Script Designed To Invoke Legitimate Credential Prompts And Exfiltrate Passwords Over DNS
CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. It relies on CredentialPicker to collect user passwords, Resolve-DnsName for DNS exfiltration, and Windows Defender's ConfigSecurityPolicy.exe to perform arbitrary GET requests.
For a walkthrough, see the Black Hills Infosec publication.
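A defender-side triage sketch for the three components named above, added here as an example and not taken from CredPhish or the Black Hills Infosec write-up. It flags ConfigSecurityPolicy.exe started with a URL, a script block that references both CredentialPicker and Resolve-DnsName, and a PowerShell host resolving names with very long labels. The event field names, the 32-character label threshold (which assumes the exfiltrated data is carried in the query name) and the sample events are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

URL_RE = re.compile(r"https?://", re.I)
LONG_LABEL = 32  # assumed threshold; tune against your own DNS baseline

def basename(path):
    return path.lower().rsplit("\\", 1)[-1]

def lolbin_get(ev):
    # ConfigSecurityPolicy.exe started with a URL on its command line
    return (basename(ev["image"]) == "configsecuritypolicy.exe"
            and bool(URL_RE.search(ev["cmdline"])))

def prompt_plus_dns(ev):
    # One script block that references both CredentialPicker and Resolve-DnsName
    text = ev["text"].lower()
    return "credentialpicker" in text and "resolve-dnsname" in text

def long_label_from_powershell(ev):
    # A PowerShell host resolving a name that contains an unusually long label
    from_ps = basename(ev["image"]) in ("powershell.exe", "pwsh.exe")
    return from_ps and any(len(p) >= LONG_LABEL for p in ev["query"].split("."))

CHECKS = {"process": lolbin_get, "scriptblock": prompt_plus_dns,
          "dns": long_label_from_powershell}

def triage(events):
    """Return {host: sorted signal names} for hosts with at least one hit."""
    hits = defaultdict(set)
    for ev in events:
        check = CHECKS.get(ev["type"])
        if check and check(ev):
            hits[ev["host"]].add(check.__name__)
    return {host: sorted(names) for host, names in hits.items()}

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
CSP = r"C:\Program Files\Windows Defender\ConfigSecurityPolicy.exe"
# Constructed sample events (not real telemetry; field names are hypothetical)
SAMPLE = [
    {"host": "ws01", "type": "process", "image": CSP,
     "cmdline": "ConfigSecurityPolicy.exe https://collector.example/ping"},
    {"host": "ws01", "type": "scriptblock",
     "text": "... CredentialPicker ... Resolve-DnsName ..."},
    {"host": "ws01", "type": "dns", "image": PS, "query": "q" * 40 + ".example.net"},
    {"host": "ws02", "type": "dns", "image": PS, "query": "www.example.com"},
    {"host": "ws03", "type": "process", "image": CSP, "cmdline": "ConfigSecurityPolicy.exe"},
    {"host": "ws04", "type": "scriptblock", "text": "Resolve-DnsName intranet.example"},
]
```

A host that raises two or three of these signals together, like `ws01` in the sample, deserves attention before one that raises a single signal, since each check alone also matches legitimate activity.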