🔥 3-day streak
CompTIA PenTest+ (PT0-003)145 / 175
Question 145 of 175
After compromising a Windows workstation and gaining a foothold in the user's context, you want to recover the user's saved credentials from the Windows Credential Manager without cracking any hashes offline. The account is a standard domain user, and you already have an interactive session running as that user. Which post-exploitation approach will allow you to decrypt and recover these stored secrets?
Reviewed for accuracy · Report an issueNext question