Path: blob/master/documentation/modules/post/firefox/gather/passwords.md
Vulnerable Application
This post-exploitation module collects saved Firefox passwords through a privileged Firefox JavaScript shell.
Verification Steps
1. Start msfconsole
2. Get a privileged JavaScript session
3. Do: use post/firefox/gather/passwords
4. Do: set SESSION <session id>
5. Do: run
6. You should be able to see all saved Firefox passwords in the loot file in JSON format
Options
SESSION - The session to run the module on.
TIMEOUT - Maximum time (seconds) to wait for a response. The default value is 90.
Scenarios
Obtain a privileged JavaScript shell and gather saved Firefox passwords
To use this module, a privileged JavaScript shell is needed. It can be obtained by using a JavaScript privilege exploit like exploit/multi/browser/firefox_proto_crmfrequest, exploit/multi/browser/firefox_proxy_prototype or others. In the example case of the firefox_proto_crmfrequest exploit, use set TARGET 0 to use a JavaScript shell.
The loot file then contains all passwords in JSON format, like so: