Introduction to Active Directory Attacks: Local Passwords
Briefing says to use poweup.ps1 but i dont see the powershell script in the tools folder. additionally tried powershell command mentioned but producing so many result. any thoughts or suggestion to find the password stored in some where in files.
Credential Access - NTDS
Got down to the last two questions and I felt like I've tried all suggestions in the briefing. Can anyone help out with the last two question? Also, the "secretsdump.py -ntds <ntds.dit path> -system <SYSTEM hive path> LOCAL" isn't working but tried "impacket.examples.secretsdump" and it doesn't throw an error, but also doesn't throw any output.
