Microsoft Sticky Notes
Great security practices from Juliette and the development team! Storing passwords in cleartext is never a good security practice.
From an online reference, we can see that the data is stored in
AppData directory of the user.
Proceed to retrieve sqlite3 files
C:\Users\juliette\Appdata\Local\Packages\Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe\LocalState, we can see that there are a few sqlite3 files.
We will proceed to download
plum.sqlite-shm to our local machine.
Since SMB is a hassel to set-up, I have used scp to copy the files over.
scp [email protected]:/C:/Users/juliette/Appdata/Local/Packages/Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe/LocalState/<file name> .
Since these are sqlite3 files, we can simply dump the content using
Seems like the password for
development account is revealed. We will proceed to SSH in as