Export non-exportable private keys from Windows key store

When I was looking for a utility to export the non-exportable private keys in Windows, I found the mimikatz tool, which enabled me to do that and a lot more.

To export the private keys, run mimikatz as administrator and type:

crypto::capi
crypto::certificates /export

And you’ll get the certicates exported with the password mimikatz. You can also export the machine certificates with /systemstore flag. See the wiki for more info.

This tool is detected as a threat by many antivirus, so you’ll have to probably disable yours before using it.

Advertisements

2 thoughts on “Export non-exportable private keys from Windows key store”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s