DPAPI recovery

Windows Password Recovery - DPAPI blob decryption



The wizard decrypts a DPAPI blob in four steps.

Select DPAPI-encrypted blob file
Selecting DPAPI blob

On the first step, specify the path to the file containing the DPAPI blob. Actual DPAPI objects may be stored in different locations in the operating system (for example, in individual XML files, in the registry, or in Active Directory) and in different formats: binary, ASCII, or UNICODE. A special tool locates, extracts and saves DPAPI blobs to files. With that utility you can, for example, save all DPAPI blobs from a user's registry to individual files and use them in the program.

Here are storage locations for some DPAPI objects.

  • Internet Explorer and Outlook passwords, WiFi passwords (XP only): user's registry, %APPDATA%\ntuser.dat
  • Google Chrome: %LOCALAPPDATA%\Google\Chrome
  • WiFi passwords (Windows Vista and higher): %PROGRAMDATA%\Microsoft\Wlansvc
  • Network connection passwords (Windows Credential Manager): %LOCALAPPDATA%\Microsoft\Credentials or %APPDATA%\Microsoft\Credentials
Use the finder utility to extract DPAPI data from there.


 

Select Master Key
Selecting DPAPI Master Key

The Master Key is a set of 64 random bytes used as the primary key when decrypting DPAPI blobs. It is encrypted with the user's password (or the system's password if it is a system Master Key). A user's Master Key is always located in the %APPDATA%\Microsoft\Protect\%SID% folder, while a system account's Master Keys are stored in %SYSTEMDIR%\Microsoft\Protect. There can be several Master Keys, and only one of them is suitable for decrypting a given object: the one whose name is stored inside the DPAPI blob. When searching for a Master Key, the program may filter out unnecessary names. The folder %APPDATA%\Microsoft\Protect also contains the CREDHIST file, which is an optional parameter and in the majority of cases is not required for the decryption.
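The matching rule above, as an added Python example (not Passcape's code): it scans a binary buffer for DPAPI blob headers and reads out the Master Key name each blob carries, which is the file to look for under Protect\%SID%. The header layout (version, provider GUID, Master Key version, Master Key GUID, flags, description) is taken from public DPAPI reverse-engineering rather than from this page, the function names are hypothetical, and the sample bytes are constructed.

```python
import struct
import uuid

# Assumed layout: dwVersion = 1, then the DPAPI provider GUID
# df9d8cd0-1501-11d1-8c7a-00c04fc297eb in little-endian GUID byte order.
PROVIDER_GUID = uuid.UUID("df9d8cd0-1501-11d1-8c7a-00c04fc297eb")
BLOB_MAGIC = struct.pack("<I", 1) + PROVIDER_GUID.bytes_le  # 20 bytes


def parse_blob_header(buf, offset=0):
    """Return Master Key GUID, flags and description of the blob at offset."""
    if buf[offset:offset + 20] != BLOB_MAGIC:
        raise ValueError("no DPAPI blob header at offset %d" % offset)
    fixed = buf[offset + 20:offset + 48]
    if len(fixed) < 28:
        raise ValueError("truncated DPAPI blob header")
    # Master Key version, Master Key GUID, flags, description length in bytes
    _mk_version, mk_guid, flags, desc_len = struct.unpack("<I16sII", fixed)
    desc = buf[offset + 48:offset + 48 + desc_len]
    if len(desc) < desc_len:
        raise ValueError("truncated description")
    return {
        "offset": offset,
        "master_key_guid": str(uuid.UUID(bytes_le=mk_guid)),
        "flags": flags,
        "description": desc.decode("utf-16-le").rstrip("\x00"),
    }


def find_blobs(buf):
    """Scan a binary buffer (hive or credential file) for blob headers."""
    found, pos = [], buf.find(BLOB_MAGIC)
    while pos != -1:
        try:
            found.append(parse_blob_header(buf, pos))
        except (ValueError, UnicodeDecodeError):
            pass  # signature matched but the header is damaged; keep scanning
        pos = buf.find(BLOB_MAGIC, pos + 1)
    return found


def _constructed_blob(guid, description):
    """Header-only sample blob (constructed for this example, not real data)."""
    desc = (description + "\x00").encode("utf-16-le")
    return (BLOB_MAGIC + struct.pack("<I", 1) + uuid.UUID(guid).bytes_le
            + struct.pack("<II", 0, len(desc)) + desc)


# Constructed input: padding, one complete header, then a truncated second hit.
SAMPLE = (b"\x00" * 7
          + _constructed_blob("11111111-2222-3333-4444-555555555555", "demo")
          + b"junk" + BLOB_MAGIC + b"\x01")
```

Blobs stored as ASCII or UNICODE text have to be converted back to binary before a scan like this will find them.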


 

Decrypt Master Key
Decrypting DPAPI Master Key

At least two parameters must be set to decrypt a user's Master Key: the user's logon password and their security identifier (SID), which is normally specified in the path to the Master Key or recorded in CREDHIST. Either way, Windows Password Recovery calculates the user's SID automatically. To decrypt a system Master Key, setting a password is not needed, as the program retrieves all data necessary for the recovery from two registry files: SYSTEM and SECURITY. If additional entropy was used when creating the DPAPI blob, you must manually create the binary entropy file and specify the path to it. For example, when encrypting Internet Explorer passwords, the UNICODE-formatted website name is used as entropy.

Curiously, Windows 2000 has a critical vulnerability that allows decrypting any(!) DPAPI blob on a standalone PC without specifying the user's logon password. That is, all data protected with DPAPI is actually vulnerable. This is a major fault in the implementation of DPAPI that is known to Microsoft; other operating systems do not have this drawback. If the CRYPTPROTECT_LOCAL_MACHINE flag was set in the CryptProtectData function when protecting data, that data can also be decrypted without the user's logon password (for example, wireless network passwords). However, this is a peculiarity of the interface implementation, not a bug.

Starting with version 9.7, Windows Password Recovery utilizes some new vulnerabilities in DPAPI Master Key protection that were discovered by our company. Thus, to decrypt the Master Key of a domain user, the owner's logon password is no longer necessary.


 

Decrypt data
Decrypting DPAPI blob

Once it has everything it needs, Windows Password Recovery performs the final decryption of the DPAPI blob data, which you can then copy to the clipboard or save to a file. If the final decryption step ends with an error, it is most likely because the additional entropy was set incorrectly or not set at all. For example, Internet Explorer and Vista Ftp Manager use the source page where the password was entered as entropy. Windows Credential Manager, similarly, uses certain string constants, and so on.