Description: This Video is about finding cpassword which is stored in groups.xml of the Group policy preferences in a Domain. The password in groups.xml is encrypted using AES-256 bit (Microsoft has made the private key available in MSDN: https://msdn.microsoft.com/en-us/library/2c15cbf0-f086-4c74-8b70-1f2fa45dd4be.aspx). To decrypt the password we will be Powersploit module and in some cases if it's blocked by AV Programs Rieder-Roque's powershell script to the Rescue ! (https://github.com/reider-roque/pentest-tools/blob/master/password-cracking/gpprefdecrypt/gpprefdecrypt.ps1).
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.