Skip to content
Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Screens Add files via upload Apr 7, 2019
CredsLeaker.ps1 fix validating creds on workgroup Apr 17, 2019
LICENSE Create LICENSE Apr 17, 2019
README.md Update README.md Apr 15, 2019
Runner.bat Inital Build Mar 5, 2018

README.md

CredsLeaker v3

This script used to display a powershell credentials box asked the user for credentials. However, That was highly noticeable. Now it's time to utilize Windows Security popup!

Credentials Box

Features

  • AD domain authentication validation.
  • Tested on Windows 10 (1809) with Powershell version 5.1. Needs to be tested on 7\8\8.1\ Servers and different powershell versions.
  • Can be modified (title, message etc.).
  • Added WORKGROUP support (validation is done against the local SAM).

As before, The box cannot be closed (only by killing the process) and will keep on checking the credentials against the DC. When validated, it will close and leak it to a web server outside.

Credentials Leak

How To:

  1. Start a web server.
  2. Type your server IP and port in the ps1 script.
  3. Execute the batch file.

Thanks:

To all my friends that helped to craft this script (specially @deanf)

Legal

This software is provided for educational use only (also with redteamers in mind). Don't use credsleaker without mutual consent. If you engage in any illegal activity the author does not take any responsibility for it. By using this software you agree with these terms.

You can’t perform that action at this time.