Browser passwords
Last updated
Last updated
Download Firefox and the Chrome standalone installers.
2. Transfer them to and install them on DATA01.
3. Login with Administrator and the password Welcome01! to DC03 and create a user with the name bob.
4. Login with the user Bob and the password CredentialDumping01! on DATA01.
Open FireFox, go to the settings by opening the menu in the right top and clicking "Settings".
Open the "Privacy and Security" tab and scroll down to the "Login and Passwords" section.
3. Click on "Saved Logins" and click in the bottom on "Create New Login". Fill in the following information to save something within the Browser:
Open Google Chrome, go to the settings by opening the menu in the right top and clicking "Settings".
Click on "Autofill" and then on "Passwords"
3. In the "Save Passwords" section click on "Add". Fill in the following information and click "Save".
The saved passwords are stored in a which lets the user decrypt them without asking for a password as long as they aren't protected with a master password.
To execute the attack administrator privileges to the machine and user credentials for the users which we want to extract the credentials from are required.
From the Kali machine install the DonPapi tool.
Create a creds.txt file and place the credentials from bob in here with the <USER>:<PASSWORD> format. Bob:CredentialDumping01!
3. Execute the following command to run DonPapi against DATA01 using the creds.txt file and dumping all the credentials saved for this user on DATA01:
We discovered the saved credentials in Chrome and Firefox.
Don't save passwords in browsers and use a passwordmanager such as LastPass, BitWarden or KeePass.
