1 Reply Latest reply on Apr 26, 2017 4:30 AM by mreco

    EETech CD valid for all computers?


      Hi guys,


      I'm testing DETech to decrypt drives encrypted with McAfee Drive Encryption, as part of the process loginto ePO and downloading the XML Recovery File for that specific computer is required.


      I'd like to create a USB stick or CD that could be used to decrypt all the PCs in the company, but haven't seen the option to download multiple XML files at once or a sort of 'master' XML file valid for all PCs. Is there a way to do this, either being able to download multiple XML files for all the computers, or any other method that allows creating a bootable disk to decrypt everything?



        • 1. Re: EETech CD valid for all computers?

          As far as I know there are two methods:


          - using python (can be downloaded via ePO Software Manager) and then e.g. use this script:


          # To invoke this script pass the servername, the port, the username to run the script as, and

          # the name of the file containing the systems as command line arguments:


          # C:\>python _exportMachineKeys.py yourservername 8443 yourusername systems.txt




          import mcafee

          import eemachinekey

          import sys



          # Verify correct number of arguments are given

          if(len(sys.argv) != 5):

            print 'Usage: python _exportMachineKeys.py <servername> <port> <username> <filename>'







          filename = sys.argv[4]



          # Prompt for the password

          print 'Enter password: '

          pwd = sys.stdin.readline().strip()



          mc = mcafee.client(server,port,user,pwd)



          f = open(filename, 'r')



          for line in f:

            computerName = line.rstrip('\n')

            print 'Exporting Machine Key for system: ' + str(computerName)

            result = mc.eeadmin.exportMachineKey(machineName='%s' % computerName, oldKeys="True")

            eemachinekey.extract_and_save(computerName, result)

            print str(computerName) + '.xml written to disk'



          print 'Finished'




          - use this tool: Endpoint Encryption Bulk Key Export Utility (EE Key Dump, EEExport)


          I recommend not to use such a tool, since the USB stick you're creating will contain all decryption keys of the systems in your environment. Anyone who finds the key can decrypt all your systems!