Search Results For ""
Recover Spark IM Stored Passwords with Metasploit
Metasploit Module [1]
I recently added a post exploit module to the metasploit framework. The module will extract and decrypt passwords that are stored by the Spark Instant Messenger client. The passwords are stored in a file on the local HDD (spark.properties) using Triple DES encryption. This sounds all fine and dandy, but this all goes out the door when they hardcoded the key and made it publicly documented.
The vulnerability isn’t that new since it was documented by Adam Caudill back in July 2012 when he disclosed the details and PoC code in .net that illustrates how the attack can be completed. Mubix recently submitted a request to add this post exploit module into the framework. Well, SmilingRacoon and myself decided to answer the call and work up a module to accomplish this task.
NetLM Downgrade Attacks with Metasploit
Metasploit Module [1]
Recently I added a post exploit module to the metasploit framework that will help automate the NetLM Downgrade attack. If you are not familiar with the attack, I highly suggest you read the following article by Dave Howard before continuing.
The purpose of this article is not to describe the NetLM attack, but rather demonstrate how the post exploit module functions and how it can save time on a pentest or even get you that next step in order to take over the network.
Share This
Recent Posts
- Playing With the New Burp Suite REST API
- Burp Suite 2.0 Beta Review
- Attacking Palo Alto Networks PAN-OS ‘readSessionVarsFromFile()’
- GPG Errors While Updating Kali Linux
- Installing Kali NetHunter on HTC Nexus 9
Subscribe To Our Mailing List
The Ultimate Burp Suite Training Program
Learn Network Penetration Testing
Penetration Testing
Categories
- AWBS
- Burp Suite
- Definitions
- Forensics and Incident Response
- Information Gathering
- Metasploit
- Penetration Testing Tutorials
- Phishing
- Presentations
- Tools
- Web Applications
- Wireless