Jump to content

Facebook Session cookies


oXis

Recommended Posts

Posted
Hi,
 
Based on the powershell script written to extract creds from Google Chrome, I made a script to read the SQLite database where the cookies are stored and extract Facebook session cookies. It uses no library, like in the ChromeCreds payload, I use regex to search for the cookies. I haven't written any payload, and I also want to do the same with Firefox.
 
Enjoy
Posted

I had the same problem. Your solution seems fine

I rewrote the password grabber for firefox because the powershell script is detected by kaspersky. Instead of grabbing the password and decrypt it using powershell, I copy key3, cert8, and logins in the loot folder and use a python script to decrypt the password within the BB.

Posted

Payload updated!

Now without any connexion to the Internet. A python script will pop a HTTP server, powershell will use this http server to download the payload and then upload the results to it.

Check it out here -> https://github.com/oXis/bashbunny-payloads/tree/master/payloads/library/WindowsCookies

 

But, I've come across some bugs in Windows 7, powershell regex groups are not working....

  • 1 year later...
Posted

`get_facebook_cookies.ps1` is a Powershell script that creates two functions ( Get-FacebookCreds-Firefox  and Get-FacebookCreds-Chrome). If you import this script inside one of yours, or if you import this script inside a Powershell shell you can then use those functions.

Posted
. C:\YOURPATH\get_facebook_cookies.ps1
To import the code. Windows might warn you that the code is not signed or something like that.

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...