NetExec icon indicating copy to clipboard operation
NetExec copied to clipboard

Published 20 hours ago verified publisher icon Pennyw0rth

Passwords dump update

Open zblurx opened this issue 11 months ago • 7 comments

This PR aims to implement new secrets looting. For now :

  • Google Refresh Token
  • SCCM
  • VNC

zblurx avatar Mar 22 '24 16:03 zblurx

Now support also mRemoteNG password dump

zblurx avatar Mar 28 '24 12:03 zblurx

And now support MobaXterm password dump

zblurx avatar Apr 03 '24 08:04 zblurx

@zblurx can you add these commands to the e2e tests?

Marshall-Hallenbeck avatar Apr 28 '24 23:04 Marshall-Hallenbeck

mremoteng working 🚀 image

NeffIsBack avatar Apr 29 '24 21:04 NeffIsBack

First run (with registry) works, second one (using config file as storage method) doesn't @zblurx image

NeffIsBack avatar Apr 29 '24 22:04 NeffIsBack

Got vnc setup working now. Added a check for realvnc's proxy credentials. There is bug with the password decryption only showing 8 characters though. image

EDIT: UltraVNC only supports passwords up to 8 characters yikes. The rest is just cut off without any warning

NeffIsBack avatar May 05 '24 15:05 NeffIsBack

Got vnc setup working now. Added a check for realvnc's proxy credentials. There is bug with the password decryption only showing 8 characters though. image

EDIT: UltraVNC only supports passwords up to 8 characters yikes. The rest is just cut off without any warning

Fixed the truncated passwords when decrypting: image

NeffIsBack avatar May 05 '24 16:05 NeffIsBack

SCCM working flawless now 🚀 image Tomorrow i will test the googleRefreshToken stuff and we should be good2go 🎉

NeffIsBack avatar May 21 '24 23:05 NeffIsBack

Fixed the conflict that occurred because of my arg parse refactor, should be good now, it was just the --sccm flag needed to be added with the other cred options

Marshall-Hallenbeck avatar May 24 '24 15:05 Marshall-Hallenbeck