Today we will see how can we extract skype username ; contacts details ;conversation;file transfer & also firefox history;cookies;google search from victim computer.
First of all it`s post exploitation, So i don`t go deep in How to hack remote P.C.. if you want to learn than click here & read metasploit section of blog.So you have to hack remote computer using metasploit.
I create simple payload ; encoded it so antivirus can not detect it.
And then send link to victim , as soon as he download payload and execute it we get meterpreter shell.
After getting shell we have to get admin access of victim computer ;so by running getsystem command we can get admin access of shell.
Now skype , firefox ,chrome stores their database in sql format ; so we have to download their database to our system.According to O.S. location of database is differ.We first download skype database its name is main.db.
In windows C:\\Users\user_name\AppData\Roaming\Skype\skype_user_name
In mac Users/user_name/Library//Application/Support/Skype/skype_user_name
In Linux /root/.Skype/skype_user_name
So we download database & saved to root folder.
Now we download firefox database folder which contain cookies ;history ;search history ;download history.In below image you can show directory of database for firefox.
After getting database clear event ; close sessions if you don`t want any other post exploitation.
Now we have database we have to extract data from it ; so if you know sqllite you can extract data manually but it`s very hard working process to extract data one by one.so we create script which extract data from database.
Extract Data from skype database:-
Here is simple script to extract data from skype.Visit following link for downloading script.
http://pentesterscript.wordpress.com/2013/08/07/extract-contacts-call-log-message-from-skype-database/
Extract Data from firefox:-
Here is simple script to extract data from firefox.Visit following link for downloading script.
You can also create script for download database from chrome . Or if you need it then comment here ; i will send you.
First of all it`s post exploitation, So i don`t go deep in How to hack remote P.C.. if you want to learn than click here & read metasploit section of blog.So you have to hack remote computer using metasploit.
I create simple payload ; encoded it so antivirus can not detect it.
And then send link to victim , as soon as he download payload and execute it we get meterpreter shell.
After getting shell we have to get admin access of victim computer ;so by running getsystem command we can get admin access of shell.
Now skype , firefox ,chrome stores their database in sql format ; so we have to download their database to our system.According to O.S. location of database is differ.We first download skype database its name is main.db.
In windows C:\\Users\user_name\AppData\Roaming\Skype\skype_user_name
In mac Users/user_name/Library//Application/Support/Skype/skype_user_name
In Linux /root/.Skype/skype_user_name
So we download database & saved to root folder.
Now we download firefox database folder which contain cookies ;history ;search history ;download history.In below image you can show directory of database for firefox.
After getting database clear event ; close sessions if you don`t want any other post exploitation.
Now we have database we have to extract data from it ; so if you know sqllite you can extract data manually but it`s very hard working process to extract data one by one.so we create script which extract data from database.
Extract Data from skype database:-
Here is simple script to extract data from skype.Visit following link for downloading script.
http://pentesterscript.wordpress.com/2013/08/07/extract-contacts-call-log-message-from-skype-database/
Extract Data from firefox:-
Here is simple script to extract data from firefox.Visit following link for downloading script.
You can also create script for download database from chrome . Or if you need it then comment here ; i will send you.
No comments:
Post a Comment