Wednesday, April 24, 2013

Java IDX Notes from BSidesSLC

To find the files that are left behind by Java go to \\comp\c$\Users\*\AppData\LocalLow\Sun\Java\Deployment\cache\6.0  The path may vary.

In each numbered folder it will contain an IDX file and the actual file.

By utilizing https://github.com/Rurik/Java_IDX_Parser/blob/master/idx_parser.py you can evaluate the IDX file to see if the information contained could be malicious.

No comments:

Post a Comment

Powershell - Gather Mapped Drives from a List of Computer Names

I created the following Powershell script to gather remotely the mapped drives that users had in their profiles.  I had to create the script...