Oct. 4, 2023, 6:13 a.m. | /u/Altruistic_Cloud_693

Computer Forensics www.reddit.com

Hi,

I've been trying for a couple of weeks to (unsuccessfully) decrypt a zoomus.enc.db. Axiom and other forensic tools have failed to decode, even after providing the password for the user.

I found an earlier post on the topic here:

[https://www.reddit.com/r/computerforensics/comments/kch7ot/zoom_artifacts_encrypted_dbs/](https://www.reddit.com/r/computerforensics/comments/kch7ot/zoom_artifacts_encrypted_dbs/)

From my understanding of this post, the Zoom.us.ini file contains a base64-encoded string, which must be decoded into binary and then unprotected using DPAPI. This is the key that is used to decrypt the database using SQLCipher.

My …
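
The first two steps described in the post (base64-decode the INI value, then unprotect it with DPAPI), as an added example that is not part of the original post: it scans an INI file for values that decode to a DPAPI blob, so an examiner can confirm the right value was extracted before trying to unprotect it. The section and key names in the sample are constructed placeholders, and `dpapi_unprotect` assumes Windows with pywin32, run in the logon context of the user who owns the key.

```python
import base64
import binascii
import configparser

# Every DPAPI blob starts with dwVersion = 1 followed by the provider GUID
# df9d8cd0-1501-11d1-8c7a-00c04fc297eb (stored little-endian).
DPAPI_HEADER = bytes.fromhex("01000000d08c9ddf0115d1118c7a00c04fc297eb")

def find_dpapi_blobs(ini_text):
    """Return {(section, key): blob} for INI values that base64-decode to a DPAPI blob."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.optionxform = str  # preserve key case as written in the file
    parser.read_string(ini_text)
    found = {}
    for section in parser.sections():
        for key, value in parser.items(section):
            try:
                raw = base64.b64decode(value.strip(), validate=True)
            except (binascii.Error, ValueError):
                continue  # not base64 at all
            if raw.startswith(DPAPI_HEADER):
                found[(section, key)] = raw
    return found

def dpapi_unprotect(blob):
    """Unprotect a blob with DPAPI. Windows only; fails outside the owning user's context."""
    import win32crypt  # pywin32, imported lazily so the scan works on any OS
    _description, secret = win32crypt.CryptUnprotectData(blob, None, None, None, 0)
    return secret

# Constructed sample: placeholder names, a header-only fake blob, and two decoys.
SAMPLE_BLOB = DPAPI_HEADER + bytes(16)
SAMPLE_INI = (
    "[ExampleSection]\n"
    "example_key=" + base64.b64encode(SAMPLE_BLOB).decode() + "\n"
    "plain=aGVsbG8=\n"           # valid base64, but not a DPAPI blob
    "window_title=not base64!\n"
)

if __name__ == "__main__":
    for (section, key), blob in find_dpapi_blobs(SAMPLE_INI).items():
        print(f"[{section}] {key}: {len(blob)}-byte DPAPI blob")
```
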
