Credential Access

gpp-decrypt

Decrypt Group Policy Preferences passwords.

credentialsad

gpp-decrypt — terminal

$ gpp-decrypt 'edBSHowhZLTjt/QS9FeIcJ83mjWA98gw9guKOhJOdcqh+ZGMeXOsQbCpZ3xUjTLfCuNH8pG5aSVYdYw/NglVmQ'

What it does

gpp-decrypt recovers the plaintext of the well-known AES-encrypted cpassword stored in SYSVOL Group Policy Preferences. Finding one is a quick win toward Active Directory privilege escalation.

Source

https://github.com/t0thkr1s/gpp-decrypt ↗

More Credential Access tools

HashcatGPU-accelerated password cracking.HydraFast online network login brute-forcer.LaZagneLocal credential harvester.MimikatzExtract Windows credentials from memory.

Need hosted scanning instead of local tooling?

Run a scan in the browser →