.Hi all, I have just started digging into the vista version of lsasrv.dll. I got into this by trying to modify the pshtoolkit (from CORE) to work with vista. I quickly found a nmbr of changes in the vista version of Lsa - specifically in the LsaEncrypMemory and related areas. Looks like AES is now thrown in. Since I am not a crypto expert (not close) I wanted to ask if anyone has either: a) already made significant progress in reversing vista's lsasrv.dll they would be willing to share - and/or b) some pointers for rvsing crypto stuff. Thanks!
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}