Thursday, July 18, 2013

Exporting Windows certificates with a private key that is flagged as non-exportable

If you ever need to export certificates on a Windows machine whose private keys are flagged as non-exportable, you can use mimikatz: http://blog.gentilkiwi.com/mimikatz. You only need two commands to do this:

crypto::patchcapi
crypto::exportCertificates CERT_SYSTEM_STORE_LOCAL_MACHINE

I used it to dump certificates with private keys from the system certificate store on a Server 2012 machine.

If you want to dump other certificate stores, you can use http://msdn.microsoft.com/en-us/library/windows/desktop/aa388136(v=vs.85).aspx as a reference.
