all InfoSec news
EntropyCapture: Simple Extraction of DPAPI Optional Entropy
May 18, 2022, 2:45 p.m. | Merrillmatt011
Security Boulevard securityboulevard.com
Intro
During a short application assessment, enumeration and decryption of a third-party application’s Windows Data Protection API (DPAPI) blobs using SharpDPAPI produced non-readable data because optional entropy was being used. This may be common with applications that use DPAPI to protect sensitive data (e.g., configurations, passwords, user information, etc.). Although traditionally, many operators focus on identifying and reverse engineering the binary that is protecting and unprotecting the data, this was not an option due to operational time constraints. The approach …
More from securityboulevard.com / Security Boulevard
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Penetration Tester, Retail Engineering, Early Career
@ Apple | Austin, Texas, United States
Principal Product Security Engineer
@ Palo Alto Networks | Bengaluru, India
Senior Manager/ Director, Cyber
@ McGrathNicol | Brisbane