Capturing Credentials
Last updated
Last updated
All Engagement Credentials can be managed from the Credentials tab.
All fields are optional. Set the Host field to a specific host, for example web logins are typically tied to a web server. You can also attach credentials to the Engagement for domain wide credentials such as Active Directory NTLM hashes.
Import credentials by loading a file or copy & paste. The formats supported are:
passwd
.shadow
username : password
username : hash
username : hash : hashtype
The Export Creds screen provides an listing of captured credentials in various formats. These are meant to be copy & pasted into a file for use by hashcat, crackMapExec, or other tools.
Credentials are available on all tiers.
From the Credentials Tab or , click the Add Creds button in the Credentials section:
From the Credentials Tab or , click the Import Creds button in the Credentials section.