It's 2023, CrackMapExec can now dump DPAPI credentials as a core feature !🚀
This is possible thanks to the work of @_zblurx and his library dploot ! He also added a module to dump firefox passwords 🔥
Pushed on @porchetta_ind v5.4.5 Bruce Wayne 🪂
No excuse, DA everytime, 🔽
This is possible thanks to the work of @_zblurx and his library dploot ! He also added a module to dump firefox passwords 🔥
Pushed on @porchetta_ind v5.4.5 Bruce Wayne 🪂
No excuse, DA everytime, 🔽
But wait, yet yet another dpapi dumping tool ?
Well @_zblurx has fully embraced the concept of CME and taken leverage of cmedb !
Everytime you found a valid credential, CME will add this cred in his own DB, CMEDB 🧙♂️
Now why this is important in the case of dpapi credentials ?🔽
Well @_zblurx has fully embraced the concept of CME and taken leverage of cmedb !
Everytime you found a valid credential, CME will add this cred in his own DB, CMEDB 🧙♂️
Now why this is important in the case of dpapi credentials ?🔽
When using the option --dpapi (you need to be local adm), CrackMapExec will feed dploot lib with every credentials you already found during your internal pentest ! 🔥
Let me explain with a simple example 🔽
Let me explain with a simple example 🔽
If you had previously compromised an account, let's say Ron and now you are dumping the dpapi as a local admin on a server and Ron is also using this server (Ron is not local adm), you will be able to dump the DPAPI credentials of Ron (if any) !
But wait, there is more 🔽
But wait, there is more 🔽
If you are Domain Admin, dploot will get the DPAPI Backup Key and you will be able to pretty much dump everything that use DPAPI on the domain !
But wait, there is more 🔽
But wait, there is more 🔽
Imagine credentials isn't enough or maybe they are not saved in the browser, why not just dump cookies ⁉️ 🍪
So yeah.. like DonPAPI 💕🇫🇷 but integrated to CrackMapExec ✌️🐙
So yeah.. like DonPAPI 💕🇫🇷 but integrated to CrackMapExec ✌️🐙
Thanks for coming to my TED talk, more cool things are coming on the sponsors version 💪🪂
🇫🇷🥐dploot github.com/zblurx/dploot
🇫🇷🥐dploot github.com/zblurx/dploot
• • •
Missing some Tweet in this thread? You can try to
force a refresh
