Jump to content

Facebook Session cookies


oXis

Recommended Posts

Hi,
 
Based on the powershell script written to extract creds from Google Chrome, I made a script to read the SQLite database where the cookies are stored and extract Facebook session cookies. It uses no library, like in the ChromeCreds payload, I use regex to search for the cookies. I haven't written any payload, and I also want to do the same with Firefox.
 
Enjoy
Link to comment
Share on other sites

I had the same problem. Your solution seems fine

I rewrote the password grabber for firefox because the powershell script is detected by kaspersky. Instead of grabbing the password and decrypt it using powershell, I copy key3, cert8, and logins in the loot folder and use a python script to decrypt the password within the BB.

Link to comment
Share on other sites

Payload updated!

Now without any connexion to the Internet. A python script will pop a HTTP server, powershell will use this http server to download the payload and then upload the results to it.

Check it out here -> https://github.com/oXis/bashbunny-payloads/tree/master/payloads/library/WindowsCookies

 

But, I've come across some bugs in Windows 7, powershell regex groups are not working....

Link to comment
Share on other sites

  • 1 year later...

`get_facebook_cookies.ps1` is a Powershell script that creates two functions ( Get-FacebookCreds-Firefox  and Get-FacebookCreds-Chrome). If you import this script inside one of yours, or if you import this script inside a Powershell shell you can then use those functions.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...