module
Delinea Thycotic Secret Server Dump
| Disclosed | Created |
|---|---|
| 2022-08-15 | 2022-09-30 |
Disclosed
2022-08-15
Created
2022-09-30
Description
This module exports and decrypts Secret Server credentials to a CSV file;
it is intended as a post-exploitation module for Windows hosts with Delinea/Thycotic
Secret Server installed. Master Encryption Key (MEK) and associated IV values are
decrypted from encryption.config using a static key baked into the software. The
module also supports parameter recovery for encryption configs configured with
Windows DPAPI.
it is intended as a post-exploitation module for Windows hosts with Delinea/Thycotic
Secret Server installed. Master Encryption Key (MEK) and associated IV values are
decrypted from encryption.config using a static key baked into the software. The
module also supports parameter recovery for encryption configs configured with
Windows DPAPI.
Author
npm npm@cesium137.io
Platform
Windows
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.