Data Protection API (DPAPI) is a pair of function calls that provide Windows operating system-level data protection services to user and system processes. CryptoCluster is able to crack DPAPI master key, this can be useful in some cases:
- retrieve secrets stored in DPAPI and protected by user’s password,
- retrieve user logon password without needing admin rights
Both can lead to uncover secret user passwords in pentesting environment.
If you are pentester and would like to crack DPAPI master key – please Contact us.