<aside> 📌 Summary
</aside>
GPP/cPassword attacks involve exploiting Group Policy Preferences (GPP) settings in Windows environments. Attackers target the "cPassword" attribute used to store credentials for mapping drives or other services. As GPP settings are stored in a weakly encrypted format, attackers can extract and crack passwords offline. This enables unauthorized access to systems and data.
This setting is enabled on old Active Directories only but is still relevant.