Using browsers cache to get passwords
#1
Hi guys,
This is a simple tutorial on how to get the cache of the browsers and get the passwords form them. With this method you can get the passwords even if the user has logged out of their accounts. I have only tried this on windows.

First of all open task manager, use right click and click on create dump file.
[Image: 3049_1(en)13-127950.jpg]

Go to the directory that will pop up. Now search the .dmp file and open it with winhex.
You can download winhex for free (it won't be full version but it will be enough for our task).
https://www.x-ways.net/winhex/

When opened with winhex click on the red binoculars
[Image: UOmfiy.jpg]

Search "password" and the username, password and website will pop up.
[Image: PDLlBM.jpg]

It is very easy but will do the job. I didn't find the tutorial here so maybe someone who is new into this might like it.
Have fun!
Reply
#2
Dumping data from browsers and applications that make use of SSL can also reveal encryption keys, which is very useful in digital forensics.
Great post, thanks enmafia2.
Reply
#3
Interesting trick! I used similar methods back in the day when whaling keyloggers for smtp credentials. But it never occured to me that I could do this with memory dump file for browsers and such. Thank you for the insight! I'll try this, luckily I have an old dumpfile in the past when my browser crashed. Hopefully I can restore my session :p
Reply
#4
Thats really cool and new for me. Thanks for sharing!
Reply
#5
Very cool thanks for the tutorial. Will definitely use in the future
Reply
#6
Hi @enmafia2

I tried this on chrome but it didn't worked out.

Then i checked for iExplorer it was working there.But back in days It works for chrome also.

Do you think they fixed this thing or somehow encrypted type password fields.

Btw Great post Smile
This could really save a lot of time in certain situations.

Thanks for sharing Smile
Reply
#7
(08-13-2018, 11:31 AM)hack3rsp0t Wrote: Hi @enmafia2

I tried this on chrome but it didn't worked out.

Then i checked for iExplorer it was working there.But back in days It works for chrome also.

Do you think they fixed this thing or somehow encrypted type password fields.

Btw Great post Smile
This could really save a lot of time in certain situations.

Thanks for sharing Smile

Yeah, apparently Google Chrome uses encryption now, but according to this blog post you can still dump the passwords with metasploit (tested 4/5/2018).
https://null-byte.wonderhowto.com/how-to...y-0183600/

I would personally test it, but to lazy to set everything up now x)
Reply
#8
Who can extract the Facebook database account password?
Reply
#9
(08-17-2018, 07:34 AM)w912442845 Wrote: Who can extract the Facebook database account password?

I don't understand what you want, could you rephrase please?
Reply
#10
I was thinking to do this recently and apparently is a lot easier than I thought. Interesting stuff man, thanks for sharing this knowledge
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Admin passwords 1LAL1X 4 2,330 11-03-2021, 01:31 AM
Last Post: 1LAL1X
  Insights About Emails and Passwords Corvo 1 9,475 04-29-2021, 04:45 PM
Last Post: Wipe_TS
  Unhackable Passwords Guide DeepLogic 1 8,860 06-10-2020, 10:13 AM
Last Post: enmafia2
  SSH Bruteforce using Putty or Plink. Insider 0 7,995 04-25-2020, 08:30 PM
Last Post: Insider