I need to export private key from Windows store. What should I do if the key is marked as non-exportable? I know that it is possible, program jailbreak can export this key.
To export key I use Org.BouncyCastle.Security.DotNetUtilities.GetKeyPair()
that exports key from (RSACryptoServiceProvider)cryptoProv.ExportParameters(true)
. Exported key I use in Org.BouncyCastle.Cms.CmsSignedDataGenerator
for CMS signature.
I need solution for .Net, but any solution will be useful. Thank you.
You're right, no API at all that I'm aware to export PrivateKey marked as non-exportable. But if you patch (in memory) normal APIs, you can use the normal way to export :)
There is a new version of mimikatz that also support CNG Export (Windows Vista / 7 / 2008 ...)
Run it and enter the following commands in its prompt:
privilege::debug
(unless you already have it or target only CryptoApi)crypto::patchcng
(nt 6) and/or crypto::patchcapi
(nt 5 & 6)crypto::exportCertificates
and/or crypto::exportCertificates CERT_SYSTEM_STORE_LOCAL_MACHINE
The exported .pfx files are password protected with the password "mimikatz"