Support more recent versions of Firefox's default profile directory #14877
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The default firefox profile directory now no longer ends in
.default
but instead.default-release
. For backwards compat the new regex supports both. For more information see:https://support.mozilla.org/bm/questions/1264072#answer-1235567
It's possible we might want to also support things like
.default-nightly
, etc but really if we want to do more than grab the default profile we should read theprofiles.ini
file to get an itemized list of profiles from Firefox itself. This would also future-proof this script and allow us to capture non-default profiles.Since profiles are not generally used by most Firefox users just going for the simpler solution of adjusting the regex.
Verification
List the steps needed to make sure this thing works
msfconsole
use post/multi/gather/firefox_creds
Can test it out yourself on this Vulnhub - https://www.vulnhub.com/entry/bluesky-1,623/