Member-only story
🎯 HTB Academy — Credential Hunting in Windows (Walkthrough)
Module: Password Attacks
Challenge: Credential Hunting in Windows
Target: Laptop01
RDP Login:Bob / HTB_@cademy_stdnt!
IP:10.129.171.77
🧠 Scenario
You’ve just RDP’d into an IT administrator’s Windows 10 workstation. As part of your engagement, your mission is clear:
Hunt down any and all credentials left lying around in the system — files, scripts, browsers, or misconfigured applications.
Let’s dive into the art of credential hunting!
🧰 Tools Used
- 🔍
Windows Search
- 🕵️♂️
findstr
- 💣
LaZagne
🔑 Step 1: RDP into the Box
Connect via RDP using:
RDP Target: 10.129.171.77
Username: Bob
Password: HTB_@cademy_stdnt!
Once inside, explore the desktop. You’re in the environment of a busy IT admin. Think like them — where might you store passwords if you were constantly juggling credentials?
🔍 Step 2: Use Windows Search
Start by using Windows built-in search (via taskbar or Windows+S):
Search terms:
password
credentials
creds
login
dbpassword
💡 You may stumble upon:
- Documents like…