Windows Gather Internet Download Manager (IDM) Password Extractor
This module recovers the saved premium download account passwords from Internet Download Manager (IDM). These passwords are stored in an encoded format in the registry. This module traverses through these registry entries and decodes them. Thanks to the template code of thelightcosine's CoreFTP password module.
Rank
- Normal
Authors
- sil3ntdre4m < sil3ntdre4m [at] gmail.com >
- SecurityXploded Team < contact [at] securityxploded.com >
Development
Similar Modules
- post/windows/gather/credentials/coreftp
- post/windows/gather/credentials/credential_collector
- post/windows/gather/credentials/dyndns
- post/windows/gather/credentials/enum_cred_store
- post/windows/gather/credentials/enum_picasa_pwds
- post/windows/gather/credentials/epo_sql
- post/windows/gather/credentials/filezilla_server
- post/windows/gather/credentials/flashfxp
- post/windows/gather/credentials/ftpnavigator
- post/windows/gather/credentials/imail
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use post/windows/gather/credentials/idm
msf post(idm) > set SESSION [INTEGER]
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use post/windows/gather/credentials/idm
msf post(idm) > set SESSION [INTEGER]
Module Options
| SESSION | The session to run this module on. |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |