tags:

views:

34

answers:

1
+1  Q: 

Windows Registry decryption (CryptUnprotectData) WPA keys

Hi.

I am writing a program for linux in C to extract the wpa/wep key from a windows registry hive.

Initially I was hoping to use wine's CryptUnprotectData function, but I realise now that wine uses a different algorithm and just mimics window's version. I also realise that only the user that encrypted the data can decrypt it.

I am using wzcook from the aircrack-ng suite as a guide. http://tools.assembla.com/b6stFY7MOr2QtlaaeP0Qfc/browser/Windows/wzcook/wzcook.c

I've extracted the data from a hive without problems but I'm kind of stuck on how to decrypt the key.

If the key is encrypted in the registry for one user, then how does another user decrypt that data? I'm sure they don't have to retype the psk / passphrase if it has been already stored?

Is the data definitely encrypted even when offline (accessing the hive from linux)?

Any other solution for solving this, other than reverse engineering Microsoft's algorithm? :D

Any help / advise you can give is really appreciated,

Thanks.

A: 

As I understand it DPAPI uses a hash calculated from the user's actual password, so you would need both an open-source implementation of the Crypt functions and an explicit password from the user.

There has been some work on implementing CryptUnprotectData recently: DPAPIck

bobince  2010-10-12 13:34:41
Thanks for the link! Was thinking that I'd have to give up on this but maybe there's a way.They haven't released their source yet, but I found this paper by them on it http://ly.tl/t6a .It looks interesting, will read through it.At least then I should know more about how it works and whether it'll be possible to implement.Thanks for your help.
jcul  2010-10-12 17:47:09
Just had a read through that paper. Was exactly what I needed. Thank you.
jcul  2010-10-12 20:53:19
Oh great! I'm glad if it's workable, last time I looked at this it was a dead end.
bobince  2010-10-12 21:20:54

related questions

any good tool for makefile generation?
How do you pass a function as a parameter in C?
Where should a veteran C programmer start in order to master Java ?
Any good book on best practice and guidelines in developing a SDK in C?
How do you determine the size of a file in C?
Decoding printf statements in C (Printf Primer)
Shift operator in C
How to avoid redefining VERSION, PACKAGE, etc.
Alpha blending sprites in Nintendo DS Homebrew
When should I use type abstraction in embedded systems
How to implement continuations?
What are the barriers to understanding pointers and what can be done to overcome them?
Anyone have experience creating a shared library in MATLAB?
String.indexOf function in C
Passing multidimensional arrays as function arguments in C
C/C++ library for reading MIDI signals from a USB MIDI device
Choosing a static code analysis tool
How do you printf an unsigned long long int?
Good STL-like library for C.
Rockbox audio format
Why am I getting a malloc: double free error with realloc()?
Should I learn C?
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS