illmob.org

DPAPIck – Recover offline passwords

April 6th, 2010 by Dev Team in Password Info, windows

This is a forensic tool to deal, in an offline way, with Microsoft Windows® protected data, using the DPAPI (Data Protection API).
A non-exhaustive list of those recoverable secrets are :

* EFS certificates
* MSN Messenger credentials
* Internet Explorer form passwords
* Outlook passwords
* Google Talk credentials
* Google Chrome form passwords
* Wireless network keys (WEP key and WPA-PMK)
* Skype credentials

Of course you need to know the user’s current password, you can recover it from the SAM.
Download Here
You can also read an excellent article on the undocumented process of recovering DPAPI passwords here

One Response to ' DPAPIck – Recover offline passwords '

Subscribe to comments with RSS or TrackBack to ' DPAPIck – Recover offline passwords '.

  1. عبداللطيف said,

    on December 8th, 2010 at 3:18 am

    كلمه المرور

Leave a reply