[jve]

Yep. He just manually accessed stuff (de-obfuscated some layers) he had already access to. Try to do it with another user on the same system and then call it a day/vulnerability. If you, as a user, store some secrets, you have to eventually read them (i.e saved credentials)

This quote actually summarizes it:

> I wasn’t very familiar with DPAPI

Well, neither do I, but at least know the basics!https://en.wikipedia.org/wiki/Data_Protection_API