How do I emulate the extraction of cleartext passwords for the Scheduled Task LogonType password misconfigurations?
Microsoft's recommendation for the configuration of Scheduled Tasks is: "In the new task, if the Task Content: XML contains <LogonType>Password</LogonType> value, trigger an alert. In this case, the password for the account that will be used to run the scheduled task will be saved in Credential Manager in cleartext format, and can be extracted using Administrative privileges."
Does anyone know how to validate/emulate that such a setting can lead to the cleartext password being leaked to an admin account?
I have attempted the following:
- In a VM, created admin and normal user accounts. Using the normal user account, created the scheduled task with the LogonType Password and triggered the scheduled task. Changed to the admin account and accessed Credential Manager > Windows Credentials. Attempted to view the cleartext password of the normal user account, but to no avail.
- In an Active Directory, created Domain Admin and Domain User accounts. Using the Domain User account, created the scheduled task with the LogonType Password and triggered the scheduled task. Changed to the Domain Admin account and accessed Credential Manager > Windows Credentials. Attempted to view the cleartext password of the normal user account, but to no avail.
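
Added example (not part of the original post, and not Microsoft's code): one way to implement the alert condition from the quoted recommendation, by parsing a task's XML and reporting every principal whose `LogonType` is `Password`. The function names, the sample task XML and the account `LAB\svc-backup` are constructed for illustration.

```python
import html
import re
import xml.etree.ElementTree as ET

def local(tag):
    """Strip the XML namespace so the check works with or without it."""
    return tag.rsplit("}", 1)[-1]

def password_principals(task_content):
    """Return the UserId of each principal with <LogonType>Password</LogonType>."""
    text = task_content
    if "&lt;" in text and "<Task" not in text:
        text = html.unescape(text)  # some log pipelines entity-escape the XML
    # Exported task XML declares UTF-16; drop the declaration before parsing a str.
    text = re.sub(r"^\s*<\?xml[^>]*\?>", "", text)
    if "<!DOCTYPE" in text:
        raise ValueError("task XML should not carry a DTD; refusing to parse")
    hits = []
    for node in ET.fromstring(text).iter():
        if local(node.tag) != "Principal":
            continue
        fields = {local(c.tag): (c.text or "").strip() for c in node}
        if fields.get("LogonType") == "Password":
            hits.append(fields.get("UserId", "<unknown>"))
    return hits

# Constructed sample: a task that runs with a stored password.
SAMPLE_STORED = r"""<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Principals>
    <Principal id="Author">
      <UserId>LAB\svc-backup</UserId>
      <LogonType>Password</LogonType>
    </Principal>
  </Principals>
  <Actions Context="Author"><Exec><Command>C:\Tools\backup.cmd</Command></Exec></Actions>
</Task>"""
# Constructed variants: no stored password (S4U), and an entity-escaped copy.
SAMPLE_S4U = SAMPLE_STORED.replace("<LogonType>Password<", "<LogonType>S4U<")
SAMPLE_ESCAPED = html.escape(SAMPLE_STORED)

if __name__ == "__main__":
    for name, xml in [("stored", SAMPLE_STORED), ("s4u", SAMPLE_S4U),
                      ("escaped", SAMPLE_ESCAPED)]:
        users = password_principals(xml)
        print(f"{name}: {'ALERT ' + ', '.join(users) if users else 'ok'}")
```
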