Merge pull request #19 from login-securite/dpapikey_fuckup
Patching PVK decryption fuckup
This commit is contained in:
Login Securite
GitHub
commit
e7bc3e0a3e
|
|
@ -268,11 +268,17 @@ class DPAPI:
|
||||||
|
|
||||||
decryptedKey = cipher.decrypt(dk['SecretData'][::-1], None)
|
decryptedKey = cipher.decrypt(dk['SecretData'][::-1], None)
|
||||||
if decryptedKey:
|
if decryptedKey:
|
||||||
|
try:
|
||||||
domain_master_key = DPAPI_DOMAIN_RSA_MASTER_KEY(decryptedKey)
|
domain_master_key = DPAPI_DOMAIN_RSA_MASTER_KEY(decryptedKey)
|
||||||
key = domain_master_key['buffer'][:domain_master_key['cbMasterKey']]
|
key = domain_master_key['buffer'][:domain_master_key['cbMasterKey']]
|
||||||
self.logging.debug('Decrypted key with domain backup key provided')
|
self.logging.debug('Decrypted key with domain backup key provided')
|
||||||
self.logging.debug('Decrypted key: 0x%s' % hexlify(key).decode('latin-1'))
|
self.logging.debug('Decrypted key: 0x%s' % hexlify(key).decode('latin-1'))
|
||||||
return '0x%s' % hexlify(key).decode('latin-1')
|
return '0x%s' % hexlify(key).decode('latin-1')
|
||||||
|
except: # on extrait l'info en dur
|
||||||
|
self.logging.debug('excepted, maybe because of a known DPAPI_PVK fuckup. trying to adjust ... ')
|
||||||
|
key = decryptedKey[8:96 + 8 - 32]
|
||||||
|
self.logging.debug('Decrypted key: 0x%s' % hexlify(key).decode('latin-1'))
|
||||||
|
return '0x%s' % hexlify(key).decode('latin-1')
|
||||||
else:
|
else:
|
||||||
logging.debug("Error in decryptedKey with PVK")
|
logging.debug("Error in decryptedKey with PVK")
|
||||||
# Lets try to decrypt it with another method
|
# Lets try to decrypt it with another method
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue