Revisions to Recover OpenVPN Saved Password

The Microsoft solution says auth-data and not key-data and this is in fact what it is. Changed to auth-data

Source Link

edited Aug 11, 2020 at 12:48

411
4
5

The Powershell script in this link gets the password for me: OpenVPN Password Recovery

The registry names on my computer are a bit different; my version:

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
  $encryptedbytes=$item.'auth-data'
  $entropy=$item.'entropy'
  $entropy=$entropy[0..(($entropy.Length)-2)]

  $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
    $encryptedBytes, 
    $entropy, 
    [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
  Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

You may also need to execute Add-Type -AssemblyName System.Security in Powershell to make it work.

edit: on windows 10, OpenVPN v11.9, $encryptedbytes=$item.'key-data'

The Powershell script in this link gets the password for me: OpenVPN Password Recovery

The registry names on my computer are a bit different; my version:

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
  $encryptedbytes=$item.'auth-data'
  $entropy=$item.'entropy'
  $entropy=$entropy[0..(($entropy.Length)-2)]

  $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
    $encryptedBytes, 
    $entropy, 
    [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
  Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

You may also need to execute Add-Type -AssemblyName System.Security in Powershell to make it work.

The Powershell script in this link gets the password for me: OpenVPN Password Recovery

The registry names on my computer are a bit different; my version:

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
  $encryptedbytes=$item.'auth-data'
  $entropy=$item.'entropy'
  $entropy=$entropy[0..(($entropy.Length)-2)]

  $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
    $encryptedBytes, 
    $entropy, 
    [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
  Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

You may also need to execute Add-Type -AssemblyName System.Security in Powershell to make it work.

edit: on windows 10, OpenVPN v11.9, $encryptedbytes=$item.'key-data'

The Microsoft solution says auth-data and not key-data and this is in fact what it is. Changed to auth-data

Source Link

edit approved Aug 11, 2020 at 12:48

Community Bot

1

The Powershell script in this link gets the password for me: OpenVPN Password Recovery

The registry names on my computer are a bit different; my version:

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
  $encryptedbytes=$item.'key'auth-data'
  $entropy=$item.'entropy'
  $entropy=$entropy[0..(($entropy.Length)-2)]

  $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
    $encryptedBytes, 
    $entropy, 
    [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
  Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

You may also need to execute Add-Type -AssemblyName System.Security in Powershell to make it work.

The Powershell script in this link gets the password for me: OpenVPN Password Recovery

The registry names on my computer are a bit different; my version:

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
  $encryptedbytes=$item.'key-data'
  $entropy=$item.'entropy'
  $entropy=$entropy[0..(($entropy.Length)-2)]

  $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
    $encryptedBytes, 
    $entropy, 
    [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
  Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

You may also need to execute Add-Type -AssemblyName System.Security in Powershell to make it work.

The Powershell script in this link gets the password for me: OpenVPN Password Recovery

The registry names on my computer are a bit different; my version:

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
  $encryptedbytes=$item.'auth-data'
  $entropy=$item.'entropy'
  $entropy=$entropy[0..(($entropy.Length)-2)]

  $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
    $encryptedBytes, 
    $entropy, 
    [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
  Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

You may also need to execute Add-Type -AssemblyName System.Security in Powershell to make it work.

Added syntax highlighting

Source Link

edited Mar 13, 2020 at 11:32

JW0914

8.3k
7
31
50

The Powershell script in this link gets the password for me: OpenVPN Password Recovery

The registry names on my computer are a bit different.different; my version:

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs\"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
    $encryptedbytes=$item.'key-data'
    $entropy=$item.'entropy'
    $entropy=$entropy[0..(($entropy.Length)-2)]

    $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
        $encryptedBytes, 
        $entropy, 
        [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
    Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
  $encryptedbytes=$item.'key-data'
  $entropy=$item.'entropy'
  $entropy=$entropy[0..(($entropy.Length)-2)]

  $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
    $encryptedBytes, 
    $entropy, 
    [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
  Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

You may also need to execute Add-Type -AssemblyName System.Security in Powershell to make it work.

The Powershell script in this link gets the password for me: OpenVPN Password Recovery

The registry names on my computer are a bit different. my version:

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs\"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
    $encryptedbytes=$item.'key-data'
    $entropy=$item.'entropy'
    $entropy=$entropy[0..(($entropy.Length)-2)]

    $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
        $encryptedBytes, 
        $entropy, 
        [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
    Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

You may also need to execute Add-Type -AssemblyName System.Security in Powershell to make it work.

The Powershell script in this link gets the password for me: OpenVPN Password Recovery

The registry names on my computer are a bit different; my version:

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
  $encryptedbytes=$item.'key-data'
  $entropy=$item.'entropy'
  $entropy=$entropy[0..(($entropy.Length)-2)]

  $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
    $encryptedBytes, 
    $entropy, 
    [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
  Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

You may also need to execute Add-Type -AssemblyName System.Security in Powershell to make it work.

Source Link

created Mar 13, 2020 at 9:52

Alex

411
4
5

Loading

Stack Exchange Network

Return to Answer