Monthly Archives: December 2014

Reading Outlook using Metasploit

In penetration tests, it sometimes can be hard to escalate privileges on a (WindowsOutlook) target system. In this situation it can be useful to gain access to resources with sensitive information, such as passwords.

Metasploit does not have any module to read email messages from a local Outlook installation. Outlook can however contain a lot of sensitive and useful information in a penetration test, such as networkcredentials. I decided to create a Metasploit module which can read and/or search the local Outlook email messages.

How?

In order to do this, the module is using powershell. The following powershell script is used by the Metasploit module:

Continue reading