Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/processust/masterkeybrute
Bruteforce DPAPI encrypted MasterKey File from Windows Credentials Manager
https://github.com/processust/masterkeybrute
blobs credentials decryption dpapi masterkeys microsoft python3 windows
Last synced: 1 day ago
JSON representation
Bruteforce DPAPI encrypted MasterKey File from Windows Credentials Manager
- Host: GitHub
- URL: https://github.com/processust/masterkeybrute
- Owner: ProcessusT
- License: gpl-3.0
- Created: 2025-01-04T22:15:34.000Z (3 days ago)
- Default Branch: main
- Last Pushed: 2025-01-04T22:15:36.000Z (3 days ago)
- Last Synced: 2025-01-04T22:34:37.407Z (3 days ago)
- Topics: blobs, credentials, decryption, dpapi, masterkeys, microsoft, python3, windows
- Language: Python
- Homepage:
- Size: 0 Bytes
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# MasterKeyBrute
Bruteforce DPAPI encrypted MasterKey File from Windows Credentials Manager
## Usage
MasterKeyBrute uses Impacket syntax :
```bash
**************************************************
MASTERKEYBRUTE
@Processus
v1.0
**************************************************
usage: masterkeybrute.py [-h] -mkf MKF -sid SID -w W [--blob BLOB] [--show-prekeys SHOW_PREKEYS] [-debug]
Bruteforce DPAPI encrypted MasterKey File from Windows Credentials Manager
options:
-h, --help show this help message and exit
-mkf MKF Master Key File
-sid SID User SID to derivate key
-w W Wordlist file
Optionnal:
--blob BLOB Blob file to decrypt with decrypted MasterKey
--show-prekeys SHOW_PREKEYS
Show calculated prekeys
Verbosity:
-debug Turn DEBUG output ON
```
## Example
```bash
python3 masterkeybrute.py -mkf d5a8f4c9-a8ab-423a-a027-601472215dff -sid S-1-5-21-2097421949-534903256-19675394-500 -w /opt/rockyou.txt --blob 5AEA058AA7D881EBF78E4BE4515E5159 -debug
```