Passcape Software Performs Comprehensive Analysis of DPAPI Security
Posted OnApril 19, 2012 by Rose Mary
Passcape Software company has performed the world´s first comprehensive analysis of Windows Data Protection API. The analysis was carried out with the help of six powerful utilities integrated into Windows Password Recovery solution. Vulnerabilities and functional drawbacks of DPAPI were revealed.
Passcape Software, a software development company known for its solutions for data recovery, forensic analysis and computer security, has published the results of a comprehensive analysis of Data Protection API and a complete description of its operation logic and all the undocumented structures. Why is DPAPI security an important issue? DPAPI is widely used in many Windows applications and subsystems for protection of private keys and other confidential information, and this analysis has revealed the weak points of the current version as well as serious vulnerabilities of the first implementation of DPAPI (used in Windows 2000).
The full text of the article is available here: http://www.passcape.com/index.php?setLang=2§ion=blog&cmd=details&id=20
This unprecedented analysis was made possible due to the latest version of Windows Password Recovery, a network security analyzer and Windows password recovery tool. Thanks to the set of powerful utilities integrated into it, Windows Password Recovery is the world´s first program that performs offline decryption of data protected by DPAPI. Besides decrypting, it can find DPAPI blobs on disk, analyze them, extract users´ credential history from DPAPI, decrypt Master Keys, validate their passwords, and much more. So far it is the only solution in the world that supports recovery of user password without having access to the registry or Active Directory.
The innovative utilities used by Windows Password Recovery are of special interest for information security specialists, since they can reveal corporate network security breaches even when other similar tools fail to detect them. The utilities will be also useful in the field of forensics, industry and government security.
The set of six breakthrough utilities enable you:
- To perform offline recovery of DPAPI blobs for any user account;
- To search for DPAPI blobs;
- To decrypt DPAPI blobs encrypted under the SYSTEM account (e.g., WiFi passwords);
- To analyze and decode Master Keys;
- To check user´s password without dumping hashes from SAM or NTDS.DIT;
- To decrypt history hashes of all passwords set earlier (without accessing SAM or NTDS.DIT).
Password Recovery Software: http://www.passcape.com/windows_password_recovery
Company website: http://www.passcape.com/
Founded in 2005, Passcape Software is a software development company specializing in computer security solutions. Its major products are Windows Password Recovery, Reset Windows Password, Opera Password Recovery and Mozilla Password Recovery. For more information about Passcape Software and its products please visit the company website.