Dive into the intricacies of Windows' Data Protection API (DPAPI) in this 25-minute conference talk by Jacob Villarreal at BSides SATX. Gain a comprehensive understanding of DPAPI's functionality and its exploitation for credential dumping. Explore the encryption mechanisms used by popular applications like Chrome and Edge's password managers. Examine the code and requirements for data encryption and decryption processes. Discover techniques to abuse DPAPI, including methods for establishing Domain Persistence through the extraction of Domain Controllers' Backup Key. Enhance your knowledge of Windows security and potential vulnerabilities in this informative session scheduled for June 8, 2024, at 11:00 AM in Track 1 (UC Conference Room A).
DPAPI - The Spice of Encryption
BSides SATX via YouTube
Overview
Syllabus
2024-06-08, 11:00–, Track 1 UC Conference Rm A
Taught by
BSides SATX