Windows Registry decryption (CryptUnprotectData) WPA keys - c

I am writing a program for linux in C to extract the wpa/wep key from a windows registry hive.
Initially I was hoping to use wine's CryptUnprotectData function, but I realise now that wine uses a different algorithm and just mimics window's version. I also realise that only the user that encrypted the data can decrypt it.
I am using wzcook from the aircrack-ng suite as a guide.
http://tools.assembla.com/b6stFY7MOr2QtlaaeP0Qfc/browser/Windows/wzcook/wzcook.c
I've extracted the data from a hive without problems but I'm kind of stuck on how to decrypt the key.
If the key is encrypted in the registry for one user, then how does another user decrypt that data? I'm sure they don't have to retype the psk / passphrase if it has been already stored?
Is the data definitely encrypted even when offline (accessing the hive from linux)?
Any other solution for solving this, other than reverse engineering Microsoft's algorithm? :D
Any help / advise you can give is really appreciated,
Thanks.

As I understand it DPAPI uses a hash calculated from the user's actual password, so you would need both an open-source implementation of the Crypt functions and an explicit password from the user.
There has been some work on implementing CryptUnprotectData recently: DPAPIck

Related

How would you store a license key from ex.: Windows 10 or Steam in a Database?

I have a rather simple Question for you.
How would you store a license key from ex.: Windows 10 or Steam in a Database?
My thought process would be that I have to encrypt it, since I need to show the "customer" the plain text key after purchase. which as far as i understand isnt possible if hashed.
Are there other ways to protect the keys? Maybe even not using a Database altogether?
Thanks for your time!
I found an npm package called crypto that allows you to encrypt and descrypt data. I haven't tried it yet but I'll paste you the link i found here so you can go check by yourself.
https://attacomsian.com/blog/nodejs-encrypt-decrypt-data

Check RSA encryption via public key: command-line vs SQL Server

I have done some search, both here and on the web, but apparently it seems to be difficult to find a similar issue around, so I decided to post a question here.
I have the following task to accomplish (and unfortunately I am not an expert in OpenSSL encryption), having the following ingredients:
a SQL Server database (where I have 'sa' access rights, if necessary);
a DER certificate with a public key only.
I am requested to encrypt some DB data using that public key, and the result of the encryption must be the same I would obtain by using the following command (it uses the PKCS#1 v 1.5 padding, if I understood well):
.\openssl rsautl -encrypt -inkey <public key cert> -certin -pkcs
I know that SQL Server can import a certificate and encrypt data, but I don't know how/if I can set any options to drive the encryption process (e.g.: which padding it should use) in order to make sure that I really reproduced the template I was given.
On the other hand, if I am not wrong, since I have no private key, then I cannot test my encryption by just encrypting some data via SQL Server and then de-crypting them via the openssl command.
As an alternative, I thought that a check method could consist in encrypting the same data via openssl and via SQL Server, and then check if the returned strings are the same. Unfortunately, I learned from another StackOverflow question the every time a data is encrypted it is applied some random padding which cause the encrypted string to be always different.
Then, the first question: is it possible, both in the openssl command and in SQL Server, to temporarily 'fix' the used random seed, in order to make sure that every time one encrypts a string, it will always be applied the same padding, in order to be able to compare the results?
As an alternative, I would try to do my tests with a test certificate which I could try to generate with a pair of keys, but in this case I have some silly questions:
how can I generate a pair of keys and then create a certificate with the public key which will be an analogue to the one I was provided by the entity I will have to send data to?
how can I make sure that the format of this 'test' certificate is compliant to that of the production certificate provided to me?
Thanks a lot for every help and best regards. Sorry if my question can appear silly, but I am not an expert in this topic.

NodeJS embedded database (persistent & encryptable)?

Is there a decent database for nodejs that is able to be embeded & encrypted so that if someone does get that file of data, a password also has to be known ?
I am coming up short & though things like nosql, nedb, etc. exists, none of them see to be able to handle encryption of said data.
sqlcipher can be built for mapbox/sqlite3
Also, using encryption with nedb is really easy, you just create a crypto cipher and perform the operation in and out. See this example from bitcrypt
You'd basically do the same thing as cipherHelper and decipherHelper, but you'd put them in the afterSerialization and beforeDeserialization callbacks.

Perl - SQLite3 DB encryption

I successfully managed to create a SQLite3 DB with Perl using Perl::DBI module.
I was wondering if there was a way to add encryption to the database to my existing Perl code ?
I read thoroughly the 2 following links :
Password Protect a SQLite DB. Is it possible?
SQLite with encryption/password protection
but the provided examples seem only to include proprietary software or C# code (especially this bit here https://stackoverflow.com/a/24349415/3186538).
Thanks in advance.
Well, you could run your data through any of the Crypt::* modules (::DES, ::Blowfish, ::IDEA, etc, in conjunction with ::CBC), then possibly encode it with base64 to get text, before writing it to the DB. And, of course, reverse the operation when reading. You could even create a Perl::DBICrypt module that sat above Perl::DBI and did this automagically.
However, it depends pretty much on how you're going to use it. If you're just worried about someone stealing and using your data, the encryption would be feasible since, without the key, it would be useless.
On the other hand, if you're trying to protect data in a system you distribute, then the key will be available to the attacker (since, without it, your code won't work). So encrypting in that case would be a minor inconvenience at best.
It's something that could only really work if you kept the key away from the attacker (such as if the Perl code runs in an app server controlled by you).
Basically any solution that decrypts data on a box accessible to an attacker will be vulnerable.

asp.net windows forms - best place to persist application data

For Windows.Forms, I have an application that needs to get a unique install id for each install from my server, and then persist this data so once registered, the install ID is included on all communications back to the server. The application is in occasional contact with the server.
How can I persist this data on the client in a way that is not easily tampered with?
First, you should note that if the data is on the local file system and your application can read and write it, it will always be possible for a determined user to tamper with it... perhaps not easy, but possible nonetheless.
That said, there are a number of options you could consider, including (but not limited to) :
encrypting the data with a key defined in your assembly : pretty safe is the user has no programming skills, but an advanced user could disassemble your app to find the key. Obfuscation could make it harder to extract the key, but not impossible.
using an isolated storage : I'm not sure whether the data is encrypted or not, but at least it's not easily found, hidden in a deep folder hierarchy... Not so safe is the user knows where to look, however
writing the data in a binary format, which makes it harder to read or modify for a non expert user
using a piece of native code to encrypt the data : similar to the first option, but a native DLL is harder to disassemble than a .NET assembly, so it requires more skills to find the key
Again, all these approches are not bulletproof : as long as your program can access the data, an advanced user could always reverse engineer it and do the same...
You could save the data in the windows registry. You'll use the [HKCU\Software\YourAppName] hive key if it's a per-user setting, or [HKLM\Software\YourCompany] if it's a global setting. However, the data would need to be encrypted, because its trivila to get the values in these keys

Resources