From 6271025796a8d96bc5b1efc0b98cabe8b68a02d2 Mon Sep 17 00:00:00 2001
From: SkelSec
Date: Mon, 19 Sep 2022 20:04:39 +0200
Subject: [PATCH] adding describe function
---
 pypykatz/_version.py | 2 +-
 pypykatz/dpapi/cmdhelper.py | 39 ++++++++++++++++++++++++++++++++++++-
 2 files changed, 39 insertions(+), 2 deletions(-)
diff --git a/pypykatz/_version.py b/pypykatz/_version.py
index a8df64d..618a9cb 100644
--- a/pypykatz/_version.py
+++ b/pypykatz/_version.py
@@ -1,5 +1,5 @@
-__version__ = "0.6.1"
+__version__ = "0.6.2"
 __banner__ = \
 """
 # pypyKatz %s
diff --git a/pypykatz/dpapi/cmdhelper.py b/pypykatz/dpapi/cmdhelper.py
index 7ca4e90..3874465 100644
--- a/pypykatz/dpapi/cmdhelper.py
+++ b/pypykatz/dpapi/cmdhelper.py
@@ -2,6 +2,12 @@
 import argparse
 import platform
+from pypykatz.dpapi.structures.blob import DPAPI_BLOB
+from pypykatz.dpapi.structures.credentialfile import CredentialFile
+from pypykatz.dpapi.structures.masterkeyfile import MasterKeyFile
+from pypykatz.dpapi.structures.vault import VAULT_VPOL
+from winacl.dtyp.wcee.pvkfile import PVKFile
+
 class DPAPICMDHelper:
 def __init__(self):
@@ -131,6 +137,10 @@ def add_args(self, parser, live_parser):
 dpapi_wifi_group.add_argument('mkf', help= 'Keyfile generated by the masterkey -o command.')
 dpapi_wifi_group.add_argument('wifixml', help='WIFI config XML file')
+ dpapi_describe_group = dpapi_subparsers.add_parser('describe', help='Print information on given structure')
+ dpapi_describe_group.add_argument('datatype', choices = ['blob', 'masterkey', 'pvk', 'vpol', 'credential'], help= 'Type of structure')
+ dpapi_describe_group.add_argument('data', help='filepath or hex-encoded data')
+
 def execute(self, args):
 if len(self.keywords) > 0 and args.command in self.keywords:
@@ -284,7 +294,34 @@ def run(self, args):
 wificonfig_enc = DPAPI.parse_wifi_config_file(args.wifixml)
 wificonfig = dpapi.decrypt_wifi_config_file_inner(wificonfig_enc)
 print('%s : %s' % (wificonfig['name'], wificonfig['key']))
-
+
+ elif args.dapi_module == 'describe':
+ def read_file_or_hex(x):
+ data = None
+ try:
+ with open(x, 'rb') as f:
+ data=f.read()
+ except:
+ data = bytes.fromhex(x)
+ return data
+
+ try:
+ data = read_file_or_hex(args.data)
+ except:
+ raise Exception('Could not load data!')
+ if args.datatype.upper() == 'BLOB':
+ res = DPAPI_BLOB.from_bytes(data)
+ elif args.datatype.upper() == 'MASTERKEY':
+ res = MasterKeyFile.from_bytes(data)
+ elif args.datatype.upper() == 'VPOL':
+ res = VAULT_VPOL.from_bytes(data)
+ elif args.datatype.upper() == 'PVK':
+ res = PVKFile.from_bytes(data)
+ elif args.datatype.upper() == 'CREDENTIAL':
+ res = CredentialFile.from_bytes(data)
+ else:
+ raise Exception('Unknown data format %s' % args.datatype)
+ print(str(res))
 def run_live(self, args):
 if platform.system().lower() != 'windows':
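Review bot: The two bare `except:` clauses in the new `describe` branch (inside `read_file_or_hex` and around its call) catch everything, including `KeyboardInterrupt`. Any failure to open the path, such as a permission error on a file that exists, silently falls through to `bytes.fromhex(x)`, and the user sees only 'Could not load data!' with the real cause discarded. Narrow the inner handler to `except OSError:`, which still covers a hex string that is not a valid or existing path. Change the outer one to `except ValueError as e:` with `raise Exception('Could not load data!') from e` so the original error stays in the traceback. The file-or-hex fallback is also ambiguous when a hex argument matches an existing file name, which deserves a one-line comment on `read_file_or_hex`. The final `else` looks unreachable if the `choices` list added in `add_args` is the only way `datatype` is set. `run` begins outside this hunk.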