Nothing earth shattering, but since this is a place for my notes...
Sometimes you are on a box and pilfering through all the documents doesn't yield anything useful for moving laterally. When that happens, you can sometimes grab the Firefox saved passwords. Lots of times someone will have saved their password to the corporate OWA, wiki, helpdesk page, or whatever. Even if it doesn't give you a *great* lead, you'll at least get an idea of whether they are a password re-user or not.
So how to do it?
Actually it's simple. Inside of the mozilla\firefox directory will be somethingrandom.default. Inside that folder you'll find:
key3.db
signons.sqlite
If there is no master password set, all you have to do is replace the files on your test VM with the two files you downloaded, open Firefox, go to Preferences, Security, and view the saved passwords.
I think there are some fancy Firefox plug-ins that can pull this info out and I'm sure there are some binaries you can push up that will dump this for you as well. But this is quick and easy and you're probably already downloading files (at least you probably *should* be) anyway...
-thanks to Mubix for telling me about this.
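From the defender's side, the same two files show where saved logins are exposed. This is an added example, not part of the original notes: a read-only audit that finds profiles holding both files and counts stored logins without decrypting anything. It relies on the `moz_logins` table in `signons.sqlite`; the sample profile names and tree are constructed.

```python
import sqlite3
import tempfile
from pathlib import Path

STORE_FILES = ("key3.db", "signons.sqlite")  # the two files named in the post


def count_saved_logins(signons: Path) -> int:
    """Count rows in moz_logins without reading or decrypting any credential."""
    # Read-only URI so the audit never modifies the user's profile.
    con = sqlite3.connect(f"file:{signons.as_posix()}?mode=ro", uri=True)
    try:
        return con.execute("SELECT COUNT(*) FROM moz_logins").fetchone()[0]
    except sqlite3.DatabaseError:
        return -1  # corrupt, locked or unexpected schema: flag for manual review
    finally:
        con.close()


def audit_profiles(firefox_dir: Path) -> list:
    """Report every *.default profile folder that holds both store files."""
    findings = []
    for profile in sorted(p for p in firefox_dir.rglob("*.default") if p.is_dir()):
        if all((profile / name).is_file() for name in STORE_FILES):
            findings.append({"profile": profile.name,
                             "saved_logins": count_saved_logins(profile / "signons.sqlite")})
    return findings


def build_sample_tree(root: Path) -> Path:
    """Constructed test data: one profile with two saved logins, one with none."""
    for name, rows in (("a1b2c3d4.default", 2), ("e5f6g7h8.default", 0)):
        profile = root / "Profiles" / name
        profile.mkdir(parents=True)
        (profile / "key3.db").write_bytes(b"")  # placeholder, never parsed here
        con = sqlite3.connect(str(profile / "signons.sqlite"))
        con.execute("CREATE TABLE moz_logins (id INTEGER PRIMARY KEY, hostname TEXT)")
        con.executemany("INSERT INTO moz_logins (hostname) VALUES (?)",
                        [("https://intranet.example",)] * rows)
        con.commit()
        con.close()
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_profiles(build_sample_tree(Path(tmp))):
            print(finding)
```

A non-zero count marks a profile where a master password or a policy disabling the password manager is worth enforcing; the script cannot tell whether a master password is already set.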
Firefox Saved Passwords