Collaborate Disseminate
I discovered an EventID 11 (Microsoft-Windows-Sysmon/Operational) event in the Windows logs, in which the Policy.vpol file is created by the process C:\Windows\system32\lsass.exe on behalf of the system user (NT AUTHORITY\System)
How to ch… Continue reading Creation of the Policy.vpol file by the lsass.exe process [migrated]
DPAPI: Windows Data Protection API
Say I would be able to read a Windows system file system, including all files.
Say there would be a DPAPI encrypted value somewhere in this system that I want to decrypt.
Can I decrypt this value only loo… Continue reading Is DPAPI usable when only being able to read the file directory?
I have an Java client program for Windows having a properties file that I need to be able to encrypt (protect it if a malicious user accesses the server and properties file) but the client program of course needs to be able to read it (eve… Continue reading Is DPAPI still valid option to protect eg. encryption key?
We are developing a VB. NET application where we are building a ‘Remember password’ feature to store the user’s application credentials using DPAPI for encryption (in a Windows domain environment) and then save it safely (off the computer)… Continue reading How do we reliably know why the Master Key hash for a particular SID has changed?
Why does the OWASP Code Review Guide v2.0 recommend DPAPI with known vulnerabilities?
I’m referring to section 12.4 "What to Review: Protection at Rest":
A secure way to implement robust encryption mechanisms within source
code … Continue reading Why does the OWASP Code Review Guide v2.0 recommend DPAPI with known vulnerabilities? [closed]
What is the reason to use DPAPI in order to decrypt the certificate private key and create a pfx file like explained here howto-~-decrypt-EFS-files over using the Crypt functions like Mimikatz uses (crypto::certificates /export)?
Continue reading Using DPAPI in order to extract a certificate private key and create a pfx file
I’m trying to decrypt a Chrome 80+ Login Data file offline using the SHA1 or SHA256 masterkey retrieved either using backupkey or lsass dump but no tool seems to work (I tried mimikatz, sharpdpapi, dpapick).
The only way I managed to do th… Continue reading I can’t decrypt chrome passwords offline with sha masterkey
I am currently trying to decrypt my files from my old laptop. I have a backup of the user folder of the old laptop and I am trying to find the old user master key to decrypt my files based on mimikatz wiki. However, when I look at the mast… Continue reading Windows 10 master key folder empty
Hi guys I’m pretty new to cyber security. Actually I have a bit knowledge around Network Security , CEH topics etc.
So today I decide to learn Win32 in C for Ethical Hacking because I know C and Python. But after few research I saw almost … Continue reading How to use Win32 in C for hacking?
Hi guys I’m pretty new to cyber security. Actually I have a bit knowledge around Network Security , CEH topics etc.
So today I decide to learn Win32 in C for Ethical Hacking because I know C and Python. But after few research I saw almost … Continue reading How to use Win32 in C for hacking?