Friday, July 15, 2011

Using metasploit meterpreter scripts enum_firefox.rb and enum_chrome.rb

Two useful meterpreter scripts for enumerating client browser data are enum_firefox.rb and enum_chrome.rb located in the framework scripts/meterpreter directory.

It is important to understand that both of these scripts require sqlite3 be properly installed on your exploitation system.  Assuming your exploitation system is Ubuntu Linux for a moment, you can ensure that sqlite3 dependencies are installed as follows:

sudo apt-get install sqlite3
sudo apt-get install libsqlite3-dev
sudo gem install sqlite3-ruby

Once this has completed, then restart your msfconsole, exploit away and run the appropriate browser enumeration scripts.    Output from your enumeration will be stored in the msf config directory with the following path.


With a local installation under Ubuntu, the msf config directory is often $HOME/.msf

No comments: