Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Memory Forensics for Pentesters: Firefox

This is part one in a series of presentations I will be giving at the NoVAHackers meetings on forensics of all kinds as it can be leveraged in a penetration test.

Related Books

Free with a 30 day trial from Scribd

See all
  • Be the first to comment

Memory Forensics for Pentesters: Firefox

  1. 1. Memory Forensics for Penetration Testers
  2. 2. Memory Sizes • 1 GB (Netbook standard) • 2 GB (Old standard) • 4 GB (Laptop standard now) • Forensics don’t care, they deal with HDDs • Sneaky Sneaky!
  3. 3. Memory Sizes • 1 GB (Netbook standard) • 2 GB (Old standard) • 4 GB (Laptop standard now) • Forensics don’t care, they deal with HDDs • Sneaky Sneaky!
  4. 4. 32 bit vs 64 bit • Annoying
  5. 5. Per-process Memory Dumping • PMD • (P)rocess (M)emory (D)umper SURPRISE! • EvilFingers (https://www.evilfingers.com/) • Since v1.2 it’s gone gooey. • Still awesome but useless at a prompt.
  6. 6. PWD
  7. 7. PMDump • http://ntsecurity.nu/toolbox/pmdump/
  8. 8. Firefox • You know..
  9. 9. Firefox • You know..
  10. 10. Firepassword • http://securityxploded.com/ firepassword.php • or you could do it the easy way: • http://carnal0wnage.blogspot.com/ 2010/06/firefox-saved-passwords.html
  11. 11. Master Password :-(
  12. 12. FireMaster • http://securityxploded.com/firemaster.php
  13. 13. dump firefox memory definitely smaller but be careful
  14. 14. strings FTW! strings firefox.mem | sed ‘/^.{30}/d’ | sort -u | sed ‘/$’”/ `echo r` /” > firefoxdictionary.txt
  15. 15. win!
  16. 16. Questions?

    Be the first to comment

    Login to see the comments

  • alanovich

    Sep. 15, 2010
  • yudhadewa

    Oct. 19, 2011
  • rjmolesa

    Dec. 26, 2011
  • EdHunter1

    Nov. 12, 2014
  • KenUdagawa

    Feb. 17, 2020

This is part one in a series of presentations I will be giving at the NoVAHackers meetings on forensics of all kinds as it can be leveraged in a penetration test.

Views

Total views

10,648

On Slideshare

0

From embeds

0

Number of embeds

1,966

Actions

Downloads

155

Shares

0

Comments

0

Likes

5

×