Get-DecryptInfoFromSideCarLogFiles no longer functional

[pl4nty]

It seems that the Intune Management Extension no longer produces the logs necessary to determine the intunewin IV and key.

I suspect this is due to a recent update. If anyone has docs from the start of October or earlier, I'd love to take a look.

[chelbea]

I'm having the same issue. Any solution for this? Thanks!

[okieselbach]

Stay tuned I found a way to get back the information. blog post is coming soon.

[elliot-huffman]

I have completely rebuilt the IntuneWin decrypter in PowerShell so that it doesn't need any external dependencies.
I have also added a few extra features to it and more documentation.

Take a peek and tell me what you think:
https://github.com/elliot-huffman/Powershell-Doodads/blob/main/Apps/Endpoint%20Manager%20(Intune)/Unprotect-IntuneWin.ps1

[pl4nty]

@elliot-huffman looks great! Might be worth PRing into https://github.com/MSEndpointMgr/IntuneWin32App.

Would be good to split into a few cmdlets eg Get-PackageDecryptInfo/Export-PackageFile, and an option to just export ParsedContentInfo to allow for devices with PowerShell CLM. Then the exporting could happen on a separate device with higher privileges (that may not have access to the same Intune apps, or even be Intune-managed at all).