Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HoneyHash Script Injects Incorrect Password into Memory When the Password Contains Characters with Special Significance in Powershell #14

Open
zms200 opened this issue Jun 23, 2020 · 2 comments
Open

HoneyHash Script Injects Incorrect Password into Memory When the Password Contains Characters with Special Significance in Powershell #14

zms200 opened this issue Jun 23, 2020 · 2 comments

Comments

@zms200
Copy link

zms200 commented Jun 23, 2020

The script generated by the HoneyHash functionality injects the wrong password into memory when the password provided contains characters considered significant by Powershell, such as a "$"

For example, providing the following input into DejaVu:

image

Produces the following from mimikatz:

image

The underlying cause seems to be that the password in the script is enclosed by double-quotes ("P@$$WORD!123"), when it really should be single-quotes ('P@$$WORD!123')
@bhdresh
Copy link
Owner

bhdresh commented Jun 23, 2020

Thank you for the report, we are working releasing a new version by end of this week. Will make sure, this is covered there.

Regards,
-Bhadresh

@zms200
Copy link
Author

zms200 commented Jun 24, 2020

Great! Looking forward to checking out the new version!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bhdresh @zms200