One Day Sec

How can an attacker recover the DPAPI MasterKey from a live Windows system using mimikatz?

With local administrator rights, an attacker can launch mimikatz in an interactive session and run `privilege::debug` (to obtain SeDebugPrivilege) followed by `sekurlsa::dpapi`. The command reads the memory of the LSASS process and prints, per logon session, every DPAPI MasterKey cached there, each keyed by the GUID that names its on-disk master key file (under `%APPDATA%\Microsoft\Protect\<SID>\` for user keys) and accompanied by the SHA-1 of the key. Because the keys come out already decrypted, neither the user's password nor the domain backup key is needed: the value can be passed straight to `dpapi::blob` or `dpapi::cred` with `/masterkey:`, which is what makes this online technique effective for immediate decryption of DPAPI blobs on the compromised system. Two caveats: a MasterKey appears in the cache only once the session has actually used it since logon, and where LSA Protection (RunAsPPL) is enabled the read of LSASS memory fails without additional steps.
Tags: mimikatz, LSASS, online acquisition, sekurlsa::dpapi, privilege escalation
