-
Notifications
You must be signed in to change notification settings - Fork 384
dpapi masterkey command
skelsec edited this page Apr 13, 2021
·
2 revisions
Decrypts masterkey file, prints the keys either to the console or writes them to a JSON file.
I'd suggest to use the -o
parameter, it will help you on your journey.
- Mastekey file
- prekeys either in a file in hex format (one per line) OR just the hex string of one prekey instead of the filename
None
-
-o
: Writes the masterkeys/backupkeys in a json file.
-
pypykatz dpapi masterkey /root/6337a9bc-476b-41f0-afd0-5cf50b566768 prekeys.txt
: Decrypts the masterkey file (guid name) with the list of prekeys supplied.