Slack

101

Slack is a cloud-based messaging platform designed for team communication and collaboration. It allows users to organize conversations into channels, share files, and integrate with external apps and services like GitHub, Jenkins, or Google Drive.

Attacks

Exports

Slack, particularly in Enterprise or compliance-focused environments, is known to redact sensitive information such as credentials in standard exports:

# winPEAS output
╔══════════╣ Interesting GROUP writable files (not in Home) (max 200)
╚ https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html#writable-files
Group margaret:
/tmp/Test Workspace Slack export May 17 2020 - May 18 2020.zip

# Unzip the file
$ unzip 'Test Workspace Slack export May 17 2020 - May 18 2020.zip' 

# Inspect the JSON file
$ cat secure/2020-05-18.json 
        "text": "I also set you a new password on the Ubuntu box - 69F15HST1CX, same username",

In such cases, the original unredacted messages are often stored in separate secure JSON files, typically found in paths like ~/.config/Slack/exported_data/secure/:

$ cat ~/.config/Slack/exported_data/secure/2020-05-18.json
        "text": "I also set you a new password on the Ubuntu box - TractorHeadtorchDeskmat, same username"

PreviousExternal Platforms NextInfra

Last updated 10 days ago

Was this helpful?