Firefox Creds

Learnt in room: Gatekeeper

Setup Impacket for python3 first. Git clone the repo and do this:

pip3 install .

python3 setup.py install

Compromise the machine using metasploit and do this

create a folder profile called /root/.mozilla/firefox and copy these files in that folder. Also, we have to rename the files as per this format:

file with name containing cert.bin becomes cert9.db

file with name containing cook becomes cookies.sqlite

file with name key4 becomes key4.db

file with name logi becomes logins.json

Run this script to decrypt creds out of the obtained files

We can further use psexec to gain a shell access by abusing ADMIN share using the obtained creds