Exploiting GPP – Credential Storage in Groups.xml File

This Video is about finding cpassword which is stored in groups.xml of the Group policy preferences in a Domain. The password in groups.xml is encrypted using AES-256 bit (Microsoft has made the private key available in MSDN: https://msdn.microsoft.com/en-us/library/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be.aspx). To decrypt the password we will be Powersploit module and in some cases if it’s blocked by AV Programs Rieder-Roque’s powershell script to the Rescue ! (https://github.com/reider-roque/pentest-tools/blob/master/password-cracking/gpprefdecrypt/gpprefdecrypt.ps1).

Source: SecurityTube.Net @ March 5, 2017 at 06:37PM

0
Share