+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: Old oclHashcat Support (https://hashcat.net/forum/forum-38.html)
+--- Thread: passwords via DPAPI cracking? (/thread-4480.html)
passwords via DPAPI cracking? - Kgx Pnqvhm - 06-26-2015
In the "DPAPI Secrets. Security analysis and data recovery in DPAPI" page over on http://www.passcape.com/index.php?section=docsys&cmd=details&id=28
there is a section near the end titled:
"Recovering user password without loading hashes from SAM/NTDS.DIT"
whose last paragraph reads:
[. . .] the recovery of user's password from the Master Key is not of any practical benefit. For example, in Windows 7, the password validation goes at the speed of about 10 p/s. Theoretically, the speed can be increased by a few orders of magnitude by optimizing the encryption algorithms and engaging GPU in the validation. [. . .]
Has this ever been on the goals list for oclHashcat?
RE: passwords via DPAPI cracking? - atom - 06-26-2015
No clue what DPAPI is