Skip to content

Pentesting Browsers

Dumping memory and cache

mimipenguin lazagne

Firefox stored credentials:

ls -l .mozilla/firefox/ | grep default 

cat .mozilla/firefox/xxxxxxxxx-xxxxxxxxxx/logins.json | jq .

The tool Firefox Decrypt is excellent for decrypting these credentials, and is updated regularly. It requires Python 3.9 to run the latest version. Otherwise, Firefox Decrypt 0.7.0 with Python 2 must be used.

Last update: 2023-07-15
Created: July 15, 2023 17:03:48