DPAPI and DPAPI-NG Decrypting All Users’ Secrets and PFX Passwords
Offered By: Hack in Paris via YouTube
Course Description
Overview
Explore groundbreaking discoveries in DPAPI (Data Protection API) and DPAPI-NG research presented at Hack in Paris. Learn how to decrypt DPAPI-protected data using a 'backup key' stored as an LSA Secret on domain controllers, enabling access to all domain users' secrets, including passwords, private keys, and browser information. Discover a method to decrypt SID-protected PFX files without user passwords by generating SID and user tokens. Understand the implications of these findings for Windows 8, 8.1, 10, and related Windows Server versions. Gain insights into potential security vulnerabilities and their management in enterprise environments. Watch as Paula Januszkiewicz, CEO and security researcher, demonstrates these unique discoveries and provides tools for further exploration.
Syllabus
HIP19: DPAPI and DPAPI-NG Decrypting All Users’ Secrets and PFX Passwords - P. Januskiewicz
Taught by
Hack in Paris
Related Courses
NetflOSINT- Taking an Often-Overlooked Data Source and Operationalizing It - Joe Gray - Hack in ParisHack in Paris via YouTube All Roads Lead to OpenVPN Pwning Industrial Remote Access Clients - Sharon Brizinov - Hack in Paris - 2021
Hack in Paris via YouTube Exploits in Wetware - R. Sell - Hack in Paris - 2019
Hack in Paris via YouTube All Your GPS Trackers Belong to Us - C. Kasmi, P. Barre - Hack in Paris - 2019
Hack in Paris via YouTube In NTDLL I Trust - Process Reimaging and Endpoint Security Solution Bypass - E. Carroll - Hack in Paris - 2019
Hack in Paris via YouTube