Note: The idea is heavily based on this project: https://github.com/BustedSec/gpp-decrypt

This tool is written in Python 3 to parse the Group Policy Preferences XML file which extracts the username and decrypts the cpassword attribute.

git clone https://github.com/t0thkr1s/gpp-decrypt

The script has only 2 dependencies:

• pycrypto
• colorama

You can install these by typing:

python3 setup.py install

python3 gpp-decrypt.py -f [groups.xml]

or

python3 gpp-decrypt.py -c [cpassword]

This tool is only for testing and academic purposes and can only be used where strict consent has been given. Do not use it for illegal purposes! It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this tool and software.

This project is licensed under the GPLv3 License - see the LICENSE file for details