Password managers, Teamviewer, Outlook, etc.

Obtaining Credentials | NetExecwww.netexec.wiki

ThievingFox - Keepass, MobaXTerm, etc

Password Managers

GitHub - efchatz/pandora: A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.GitHub

Keepass

$ NetExec smb <ip> -u user -p pass -M keepass_discover
$ NetExec smb <ip> -u user -p pass -M keepass_trigger -o KEEPASS_CONFIG_PATH="path_from_module_discovery"

Keepass database kdbx

Credentials Hunting

CVE-2023-32784 - 2.X Master Password Dumper

Keepass < 2.54

GitHub - vdohney/keepass-password-dumper: Original PoC for CVE-2023-32784GitHub

GitHub - matro7sh/keepass-dump-masterkey: Script to retrieve the master password of a keepass database <= 2.53.1GitHub

Or in French (Nice Talk 🥳):

Teamviewer

TeamViewer

Solar-PuTTY

GitHub - VoidSec/SolarPuttyDecrypt: A post-exploitation tool to decrypt SolarPutty's sessions filesGitHub

Outlook - Pwnlook

GitHub - amjcyber/pwnlook: An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails configured in it.GitHub

How I Discovered a $3000 Microsoft Outlook Security VulnerabilityMedium

Microsoft Office & Outlook

Also check:

Credentials Hunting

Bitlocker Recovery Keys

GitHub - p0dalirius/ExtractBitlockerKeys: A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.GitHub

PreviousCredentials on Host NextMicrosoft Teams Cookies

Last updated 10 months ago

ThievingFox - Keepass, MobaXTerm, etc

Password Managers

Keepass

Keepass database kdbx

CVE-2023-32784 - 2.X Master Password Dumper

Keepwn - Keepass 2.5x - CVE-2023-24055

Keethief - KeePass 2.X

KeePass triggers are dead, long live KeePass triggers!

Teamviewer

Solar-PuTTY

Outlook - Pwnlook

Bitlocker Recovery Keys