I have succesfully exploited a pc and i got the meterpreter i managed to run vnc but the problem is i can't dump sam file , or anyother option similar to it , i already got system id but i guess its because of kaspersky installed on that pc .
My main point is how can i gather all the save accounts in browsers , plus is there a way to steal an open session ? for example if he is using whatsapp web can i steal that session and use in on my pc ,
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
How To:
Dox Anyone
How To:
Use SQL Injection to Run OS Commands & Get a Shell
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
How To:
Exploit Remote File Inclusion to Get a Shell
How To:
The Essential Skills to Becoming a Master Hacker
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Crack Shadow Hashes After Getting Root on a Linux System
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
How To:
Make Your Own Bad USB
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
How To:
Exploit Shellshock on a Web Server Using Metasploit
How To:
Use Ettercap to Intercept Passwords with ARP Spoofing
How To:
Perform Advanced Man-in-the-Middle Attacks with Xerosploit
Hacking Windows 10:
How to Dump NTLM Hashes & Crack Windows Passwords
How To:
Top 10 Things to Do After Installing Kali Linux
News:
Hack Your Computer's BIOS to Unlock Hidden Settings, Overclocking & More
How To:
Beat LFI Restrictions with Advanced Techniques
13 Responses
browser passwords are stored somewhere in User/Appdata/blabla
encrypted in sqlite files..at least that's what i remember..
If you have meterpreter you shoud be able to dump SAM.file..
however, you can use wireshark to sniff tcp packets then add filter : 'http.cookie' to find http cookies and inject them into your browser with the help of greasemonkey for example..
Good Luck
@ANTHON thank you for your reply ,as for the sniffer i will try it out but i need to read a tutorial first .
as for browser passwords i know they are in this folder i already copied them to my local machine but i was wondering .. if i replace the my local profile content with the victim Profile content wouldn't it work ?.
does it still works ?! i tried it with no luck on facebook ..
What's the extent of your access? Are you an administrator?
yes i'm an administrator and i'm using psexecpsh exploit , after that i'm using getsystem command my meterpreter is reversetcp
Use the meterpreter and use hashdump to get the password hashes.
didn't work , and i know its strange i used it before on another pc , could it be because of the antivirus ? and is there a new way other than killav to stop it ? thanks you :-)
Have you tried uploading pwdump?
yep and still didn't work .. i tried using it in both ways through memory and executing it from a shell .
my lab pc is windows 8.1 updated + kaspersky installed , does make any difference in case if its updated or not ?
If you have VNC on the target, why not just turn off the AV?
;-)
I adapted a small Python script to decrypt the sql database from chrome and send the text file to a listener. I can release it if you'd like. Chrome uses an inbuilt windows function which means if you encrypt data on a machine it can only be decrypted on the same machine. Which is what my program does; it decrypts it on the same machine and stores it as plaintext. If you'd like I can release it later today, when I get home.
Robyn
I'll also link the page with the original script which I modified :P
Robyn
EDIT: I found it here . It explains the cryptprotectdata function really well
Share Your Thoughts