{"id":598,"date":"2020-07-28T17:53:48","date_gmt":"2020-07-28T17:53:48","guid":{"rendered":"https:\/\/cybersecthreat.com\/?p=598"},"modified":"2024-04-01T13:51:05","modified_gmt":"2024-04-01T05:51:05","slug":"extract-password-from-exe-part1","status":"publish","type":"post","link":"https:\/\/cybersecthreat.com\/zh\/2020\/07\/28\/extract-password-from-exe-part1\/","title":{"rendered":"Extract password from exe(1)"},"content":{"rendered":"

Extract password from exe – Part 1<\/h2>\n\n\n\n

Extract password from exe is one of the techniques that we may use during our red team engagement. Actually, there are tons of information that is available in an executable file. This information may include credentials, keys, database information, IP address, etc. Although we will use the red team’s perspective to extract information such as credentials in this article. The key techniques still apply to malware sample analysis. <\/p>\n\n\n\n

In this part 1 series, we will focus on some popular script-to-executable file converters including py2exe, PyInstaller, and AutoIT. As you may also be aware, many Anti-Virus evasion tools such as Veil Evasion<\/strong> can generate executable files in these formats.<\/p>\n\n\n\n

So, we start with some basic script and our goal is to bypass the authentication. For each of the script converters, our flow of discussion is to write a simple script, discuss how to convert it to an executable file, analyze of executable file, and lastly how to decompile it. Of course, you may say I can bypass authentication using disassemblers such as OllyDbg<\/a>, Immunity Debugger<\/a>, x64dbg<\/a> or IDA Pro<\/a>. However, we try to do it more simply and effectively. <\/p>\n\n\n