GitHub

About

This repository contains research artifacts and reversed-code analysis related to the LocalState cache used by the AAD Broker. The project documents how to fully decrypt the file formats found in the cache. It also implements logic from reverse engineered portions of AAD.Core.dll related to the naming conventions of the cache files.

https://winternl.com/aad-broker-cache

References

License

Code is released under the MIT license.

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
.gitattributes		.gitattributes
.gitignore		.gitignore
Aad.Core.cs		Aad.Core.cs
BrokerDecrypt.csproj		BrokerDecrypt.csproj
BrokerDecrypt.sln		BrokerDecrypt.sln
LICENSE.txt		LICENSE.txt
Program.cs		Program.cs
PublisherHash.cs		PublisherHash.cs
README.md		README.md
Utility.cs		Utility.cs
app.config		app.config
packages.config		packages.config

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

About

References

License

About

Uh oh!

Releases

Packages

Languages

License

jackullrich/AADBrokerDecrypt

Folders and files

Latest commit

History

Repository files navigation

About

References

License

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages