def main(sVaultFolder, sMasterkey, sSystem, sSecurity, sSoftware = None, boolOutput = True):
## Step 1: prepare DPAPI data (System MK pool)
mkp = masterkey.MasterKeyPool()
mkp.loadDirectory(sMasterkey)
reg = registry.Regedit()
secrets = reg.get_lsa_secrets(sSecurity, sSystem)
dpapi_system = secrets.get('DPAPI_SYSTEM')['CurrVal']
mkp.addSystemCredential(dpapi_system)
mkp.try_credential_hash(None, None)
## Step 2: Parse and DPAPI decrypt Policy.vpol
vpol_filename = os.path.join(sVaultFolder, 'Policy.vpol')
with open(vpol_filename, 'rb') as f: vpol_blob = parsePolicy(f.read())
vpol_cleartext = decrypt_blob(mkp, vpol_blob)
if not vpol_cleartext:
exit('[-] Unable to decrypt Policy.vpol')
bKeyAES128, bKeyAES256 = parsePolicyEntries(vpol_cleartext)
## Step 3: Parse and AES decrypt VCRD
sUsername = ''
arrResult = []
for xfile in os.listdir(sVaultFolder):
if xfile.lower().endswith('.vcrd'):
filepath = os.path.join(sVaultFolder, xfile)
if boolOutput: print('---- Working on ' + xfile + ' ----')
with open(filepath, 'rb') as vcrdfile:
bIV, bData, sSchemaType = parseVCRD(vcrdfile.read()) ## parseVCRD verifies the vault type (GUIDs at the top of this file)
if bKeyAES256 and bData:
cipher = AES.new(bKeyAES256, AES.MODE_CBC, iv = bIV)
bDecrypted = cipher.decrypt(bData)
dicContainers = parseDecryptedAttribute(bDecrypted) ## dicContainers[ContainerID] = bData
if dicContainers[1].decode(errors='ignore').startswith('N\x00G\x00C\x00'): ## Should be "NGC Local Accoount Logon Vault Resource" in utf-16le
if boolOutput:
print('[+] Schema Type : ' + sSchemaType)
print('[+] User SID : ' + parseSID(dicContainers[2]))
if sSoftware:
sUsername = getUsername(sSoftware, parseSID(dicContainers[2]))
if boolOutput: print('[+] Username : '******'[+] Schema Type : ' + sSchemaType)
print('[+] HEX decrypted data : ' + dicContainers[3].hex())
try: print('[+] Decoded value : ' + dicContainers[3].decode('utf-16le',errors='ignore'))
except: pass
if boolOutput: print('#'*50)
if arrResult == []: print('[-] No vaults found')
return (sUsername, arrResult)
parser.add_option('--systemmasterkey', metavar='FOLDER',default=os.path.join('Windows','System32','Microsoft','Protect','S-1-5-18','User') , dest='systemmasterkeydir', help=r'System Masterkey folder; default: Windows\System32\Microsoft\Protect\S-1-5-18\User')
parser.add_option('--system', metavar='HIVE', default=os.path.join('Windows','System32','config','SYSTEM'), help=r'SYSTEM file; default: Windows\System32\config\SYSTEM')
parser.add_option('--security', metavar='HIVE', default=os.path.join('Windows','System32','config','SECURITY'), help=r'SECURITY file; default: Windows\System32\config\SECURITY')
parser.add_option('--wdir', metavar='WIFIDIR', dest='wifi_dir', default=os.path.join('ProgramData','Microsoft','Wlansvc'), help=r'WiFi folder; default ProgramData\Microsoft\Wlansvc')
parser.add_option('--ntuser', metavar='NTUSER', dest='ntuser')
parser.add_option('--usermasterkey', metavar='DIRECTORY', dest='usermasterkeydir')
parser.add_option('--sid', metavar='SID', dest='sid', help=r'Carved from the User Masterkey folder, if possible')
parser.add_option('--password', metavar='PASSWORD', dest='password', help='Optional: Will use empty password when not provided')
parser.add_option('--pwdhash', metavar='HASH', dest='pwdhash')
parser.add_option('--credhist', metavar='FILE', dest='credhist')
(options, args) = parser.parse_args()
check_parameters(options, args)
reg = registry.Regedit()
secrets = reg.get_lsa_secrets(options.security, options.system)
dpapi_system = secrets.get('DPAPI_SYSTEM')['CurrVal']
#print('[+] SYSTEM DPAPI key: {}'.format(dpapi_system.hex()))
mkp1 = masterkey.MasterKeyPool()
mkp1.loadDirectory(options.systemmasterkeydir)
mkp1.addSystemCredential(dpapi_system)
mkp1.try_credential_hash(None, None)
mkp2 = masterkey.MasterKeyPool()
mkp2.loadDirectory(options.usermasterkeydir)
if options.credhist:
mkp2.addCredhistFile(options.sid, options.credhist)
if options.password:
mkp2.try_credential(options.sid, options.password)
def getUsername(sSOFTWARE, sSID):
reg = registry.Regedit()
return reg.getUsername(sSOFTWARE, sSID)
def main(sCryptoFolder, sMasterkey, sSystem, sSecurity, sPIN, sPINGUID, boolOutput = True, pemexport="", sid=None, password=None):
## if sPIN == '', do brute force
if sSystem:
reg = registry.Regedit()
secrets = reg.get_lsa_secrets(sSecurity, sSystem)
dpapi_system = secrets.get('DPAPI_SYSTEM')['CurrVal']
mkp = masterkey.MasterKeyPool()
if sMasterkey:
mkp.loadDirectory(sMasterkey)
mkp.addSystemCredential(dpapi_system)
decrn=mkp.try_credential_hash(None, None)
#print("Decrypted keys %d" % decrn)
if sid and password:
mkp.try_credential(options.sid, options.password)
for root, _, files in os.walk(sCryptoFolder):
for sFile in files:
filepath = os.path.join(root, sFile)
with open(filepath, 'rb') as f:
file_data = f.read()
sInfo, arrFieldData = parseFile(file_data)
if boolOutput:
print('-' * 10 + ' ' + sFile + ' ' + '-' * 10)
print('[+] KEY GUID : ' + sInfo)
### Field 2 and 3 are DPAPI Blob
parseField1(arrFieldData[0], boolOutput)
## Private Key Properties should work with static Entropy '6jnkd5J3ZdQDtrsu'
blobPrivateKeyProperties = arrFieldData[1]
pkpBlob = blob.DPAPIBlob(blobPrivateKeyProperties)
mks = mkp.getMasterKeys(pkpBlob.mkguid.encode())
for mk in mks:
if mk.decrypted:
pkpBlob.decrypt(mk.get_key(), entropy = b'6jnkd5J3ZdQDtrsu\x00')
if pkpBlob.decrypted:
if boolOutput: print('[+] Private Key Properties decrypted!')
arrPrivateKeyProperties = parsePrivateKeyProperties(pkpBlob.cleartext.hex(), boolOutput)
## Private Key, we can try, but the entropy is either unknown static or variable (some are 'xT5rZW5qVVbrvpuA')
blobPrivateKey = arrFieldData[2]
pkBlob = blob.DPAPIBlob(blobPrivateKey)
mks = mkp.getMasterKeys(pkBlob.mkguid.encode())
for mk in mks:
if mk.decrypted:
pkBlob.decrypt(mk.get_key(), entropy = b'xT5rZW5qVVbrvpuA\x00', strongPassword=None)
if pkBlob.decrypted and boolOutput:
print('[+] Private Key decrypted : ')
print(' ' + pkBlob.cleartext.hex())
if pemexport:
savePEM(pkBlob.cleartext.hex(), pem_path=pemexport, pemname=sInfo)
else:
if sPINGUID and sPINGUID in sInfo and arrPrivateKeyProperties:
for sProperty in arrPrivateKeyProperties:
if sProperty['Name'].decode('UTF-16LE',errors='ignore') == 'NgcSoftwareKeyPbkdf2Salt': sSalt = sProperty['Value'].hex()
elif sProperty['Name'].decode('UTF-16LE',errors='ignore') == 'NgcSoftwareKeyPbkdf2Round': iRounds = int(reverseByte(sProperty['Value']).hex(),16)
if sPIN and not sPIN == '':
pkResult = decryptWithPIN(mk, pkBlob, sSalt, iRounds, sPIN)
elif options.pinbrute:
if boolOutput: print('[!] Trying PIN brute force 0000 through {}, this will take some time '.format(iMaxPIN))
(pkResult, sPIN) = brutePIN(mk, pkBlob, sSalt, iRounds)
elif options.pinexport:
exportHASH(mk, pkBlob, sSalt, iRounds, sPINGUID)
pkResult = None
if pkResult and pkResult.decrypted:
if boolOutput:
print('[+] Private Key decrypted with PIN (' + sPIN + ') :')
print(' ' + pkBlob.cleartext.hex())
else: ## no bool output means: called by other script that is only interested in this cleartext data
return pkBlob.cleartext
else:
if sPIN and boolOutput: print('[-] Decryption with PIN tried but failed')
else:
if boolOutput: print('[-] Entropy unknown for ' + pkBlob.description.decode())
if boolOutput: print('')