Capturing Credentials

Engagement Credentials Tab

All Engagement Credentials can be managed from the Credentials tab.

Host Credentials Section

Port Credentials Section

Adding Credentials Manually

From the Credentials Tab or Host Page, click the Add Creds button in the Credentials section:

All fields are optional. Set the Host field to a specific host, for example web logins are typically tied to a web server. You can also attach credentials to the Engagement for domain wide credentials such as Active Directory NTLM hashes.

Importing Credentials

From the Credentials Tab or Host Page, click the Import Creds button in the Credentials section.

Import credentials by loading a file or copy & paste. The formats supported are:

  • passwd

  • .shadow

  • username : password

  • username : hash

  • username : hash : hashtype

Exporting Credentials

The Export Creds screen provides an listing of captured credentials in various formats. These are meant to be copy & pasted into a file for use by hashcat, crackMapExec, or other tools.

Tier Availability

Credentials are available on all tiers.

Last updated