Open AgentGrady opened 1 year ago
BubbleMaker2089
commented
11 months ago You need to obtain sha1 first using sekurlsa::logonpasswords (works for Win10, on Win11 it won't return sha1). Then, sha1 will be cached. And only after that use dpapi::masterkey command. You can also provide sha1 to dpapi::masterkey by /hash argument. See for details: https://tools.thehacker.recipes/mimikatz/modules/dpapi/masterkey
AgentGrady
commented
11 months ago You need to obtain sha1 first using sekurlsa::logonpasswords (works for Win10, on Win11 it won't return sha1). Then, sha1 will be cached. And only after that use dpapi::masterkey command. You can also provide sha1 to dpapi::masterkey by /hash argument. See for details: https://tools.thehacker.recipes/mimikatz/modules/dpapi/masterkey
Thank you, the operating system I am using is windows 10 but the files I am trying to decrypt are from a windows 10 back up or a laptop that had failed. Would sekurlsa::logonpasswords work for that back files or does that command not work under windows 11 in any case?
I have been trying to decrypt masterkeys with the masterkey function but it does nothing not even give a reason why it will not decrypt it.
Plus, I have been attempting to decrypt the opera passwords that are encrypted with it but even when I get the right master key I get this error plus it gives multiple masterkeys for the Google passwords even though it should only be one.
What are causing these issues and how can I resolve them?