Retrieving passwords from veeam backup servers

Security      

One of our readers asked this question. So here is the answer.

This requires that you have Admin access to your Veeam server and have installed SQL Management studio.

From SQL management studio (of any SQL management interface access method) run the following again the veeam management database:

SELECT TOP (1000) [id] 

,[user_name] 

,[password] 

,[usn] 

,[description] 

,[visible] 

,[change_time_utc] 

FROM [VeeamBackup].[dbo].[Credentials] 

This will dump the password hashes. Copy them and then run a PowerShell interface (I use ISE if I’m connected via RDP etc.) Now we are going to load the veeam DLL and we are going to call the protected storage function GetLocalString

Add-Type -Path "C:\Program Files\Veeam\Backup and Replication\Backup\Veeam.Backup.Common.dll" 

$encoded = 'INSERT_HASH_HERE' 

[Veeam.Backup.Common.ProtectedStorage]::GetLocalString($encoded) 

This will use the local machine key (hence you need administrator rights) to decrypt the hashes.