Microsoft Sticky Notes
Great security practices from Juliette and the development team! Storing passwords in cleartext is never a good security practice.
From an online reference, we can see that the data is stored in AppData
directory of the user.
Proceed to retrieve sqlite3 files
Venturing into C:\Users\juliette\Appdata\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\LocalState
, we can see that there are a few sqlite3 files.
We will proceed to download plum.sqlite
, plum.sqlite-wal
and plum.sqlite-shm
to our local machine.
Since SMB is a hassel to set-up, I have used scp to copy the files over.
scp [email protected]:/C:/Users/juliette/Appdata/Local/Packages/Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe/LocalState/<file name> .
Leaked passwords
Since these are sqlite3 files, we can simply dump the content using strings
.
Development account
Seems like the password for development
account is revealed. We will proceed to SSH in as development
.