-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathslacksploit.py
executable file
·116 lines (93 loc) · 4.13 KB
/
slacksploit.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
import os, sys, time
import platform, getpass
import csv
import ccl_leveldb
import pathlib
banner = '''
_____ _ _ _ _ _
/ ____| | | | | | (_) |
| (___ | | __ _ ___| | _____ _ __ | | ___ _| |_
\___ \| |/ _` |/ __| |/ / __| '_ \| |/ _ \| | __|
____) | | (_| | (__| <\__ \ |_) | | (_) | | |_
|_____/|_|\__,_|\___|_|\_\___/ .__/|_|\___/|_|\__|
| |
|_|
'''
ENCODING = "iso-8859-1" # Encoding for parsing and dumping the leveldb contents into CSV
def checklocation(path):
return os.path.isdir(path)
def typingPrint(text):
for character in text:
sys.stdout.write(character)
sys.stdout.flush()
time.sleep(0.05)
def dumb_leveldb(input_path):
output_path = input_path.split("/")[-2] + "dump.csv"
print("Parsing the leveldb files from "+input_path)
leveldb_records = ccl_leveldb.RawLevelDb(input_path)
with open(output_path, "w", encoding="utf-8", newline="") as file1:
writes = csv.writer(file1, quoting=csv.QUOTE_ALL)
writes.writerow(
[
"key-hex", "key-text", "value-hex", "value-text", "origin_file",
"file_type", "offset", "seq", "state", "was_compressed"
])
for record in leveldb_records.iterate_records_raw():
writes.writerow([
record.user_key.hex(" ", 1),
record.user_key.decode(ENCODING, "replace"),
record.value.hex(" ", 1),
record.value.decode(ENCODING, "replace"),
str(record.origin_file),
record.file_type.name,
record.offset,
record.seq,
record.state.name,
record.was_compressed
])
print("The leveldb content has been written into "+output_path)
if __name__ == '__main__':
print(banner)
opsys = platform.system()
opsysversion = platform.release()
hostname = platform.node()
user = getpass.getuser()
print("OS : "+opsys)
print("System Version : "+opsysversion)
print("Hostname : "+hostname)
print("User : "+user)
mac_slack_resource = "/Applications/Slack.app/Contents/Resources/"
mac_slack_storage = "/Users/" + user + /Library/Application Support/Slack/"
wins_slack_resource = "C:/Users/" + user + "/AppData/Local/slack/"
wins_slack_storage = "C:/Users/" + user " + "/AppData/Roaming/Slack/"
linux_slack_resource = "~/snap/slack/60/etc/"
linux_slack_storage = "~/snap/slack/60/.config/Slack/"
print("Enumerating OS for Slack Installation ....")
leveldb_locations = []
if opsys == "Darwin":
if checklocation(mac_slack_storage):
print("Found Slack Storage Directory: "+mac_slack_storage)
if checklocation(mac_slack_resource):
print("Found Slack Storage Directory: "+mac_slack_resource)
if checklocation(mac_slack_storage+"Session Storage/"):
leveldb_locations.append(mac_slack_storage+"Session Storage/")
if checklocation(mac_slack_storage+"/IndexedDB/https_app.slack.com_0.indexeddb.leveldb/"):
leveldb_locations.append(mac_slack_storage+"/IndexedDB/https_app.slack.com_0.indexeddb.leveldb/")
if checklocation(mac_slack_storage+"/Local Storage/leveldb/"):
leveldb_locations.append(mac_slack_storage+"/Local Storage/leveldb/")
elif opsys == "Windows":
if checklocation(wins_slack_storage):
print("Found Slack Storage Directory: "+wins_slack_storage)
if checklocation(wins_slack_resource):
print("Found Slack Storage Directory: "+wins_slack_resource)
elif opsys == "Linux":
if checklocation(linux_slack_storage):
print("Found Slack Storage Directory: "+linux_slack_storage)
if checklocation(linux_slack_resource):
print("Found Slack Storage Directory: "+linux_slack_resource)
else:
print("Slacksploit isn't supported for the given Operating system")
quit()
print("Examining LevelDB Files")
for loc in leveldb_locations:
dumb_leveldb(loc)