Next week, DPAPIck will finally became the first opensource tool (GPLv3 licence) which is able to deal with DPAPI structures as well as the first tool that can do so from another operating system than Microsoft’s !
It has been entirely re-written in Python and only requires OpenSSL for decryption to be fully cross-platform. It is coming along with several applicative probes that embeds the decryption logic specific to each application that uses DPAPI (eg. Google Talk, Skype, Wireless keys, Internet Explorer, etc.).
And we are not releasing DPAPIck v0.2 alone ! It comes along with other surprises that we let you discover on August 🙂
Until the public release, you will be able to meet us, for the lucky ones who are attending BlackHat USA 2011 or DefCon 19. And if you are attending BlackHat, do not forget to go and see our presentation of OWADE, our new advanced forensic tool !
Filed under DPAPI BlackHat python OWADE