Support for cracking DPAPI masterkey files from XP to Win10 #2521
tl;dr: DPAPI is an API offered to Windows developpers by Microsoft to protect some data (password, certificates, data, etc.). DPAPI data protection relies on the currently logged on user's password. In order to encrypt/decrypt data, Windows derivates the user's password to unprotect "masterkey files", then extract a symetric master key from them and uses it to proceed further encryption/decryption.
Cracking DPAPI masterkey file can be useful in different scenarii:
The support of this algorithm is splitted in 2 separate formats, dpapimkv1 and dpapimkv2 as pbkdf2 routines do not rely on the same hashing algorithm, thus a bit annoying for sse optimization.
Concerning the commit:
Finally, the format of input hash was defined for possible other algorithm.
This addresses #898
I'll implement these algorithms in hashcat as soon as I have time, using the same input hashing form.
Tests have been done using ASAN, compiler was gcc version 6.3.0 and version 5.4.0
which is better than I thought regarding the high number of iterations (it can actually change from one operating system version to another and from a workstation to a server version).
Overall, the new code is looking great
Thanks for the review!