Red Teaming — Credential Hunting on Target Machine [Browser Application]
Hello everyone. In this article I will continue the red teaming series. I assume I have already gained access to the target's internal network, and I focus only on finding credentials.
*Note — the techniques shown in this article are for educational purposes ONLY, and must not be used on digital assets without prior consent from the owner.
Finding credentials in web browser applications
The first thing I do when red teaming is not to drop red teaming tools on the target immediately. Instead, I do credential hunting manually first, starting with the browser application.
If the target (Windows) has an active RDP service, you only need to log into the target over RDP, then open the browser and check the passwords section.
If you only have a shell, you can access the web browser profile folder.
Chrome Profile Locations
# Windows
C:\Users\<Username>\AppData\Local\Google\Chrome\User Data\Default
# Linux
/home/<Username>/.config/google-chrome/Default
# MacOS
/Users/<Username>/Library/Application Support/Google/Chrome/Default
Firefox Profile Locations
# Windows
C:\Users\<Username>\AppData\Roaming\Mozilla\Firefox\Profiles\xxxx.default
# Linux
/home/<Username>/.mozilla/firefox/xxxx.default
# MacOS
/Users/<Username>/Library/Application Support/Firefox/Profiles/xxxx.default
Tool: https://github.com/unode/firefox_decrypt
HackBrowserData (the simple way)
You can use this tool to extract all data in the browser profile (cookies, history, passwords, etc.).
Tool: https://github.com/moonD4rk/HackBrowserData
Note: As a disclaimer, all the activities performed above are just the basic technical part of red teaming activities, and if applied to actual red teaming activities, they will be detected by AV/EDR. Next, I might post another article with a stealthier approach and more operational security (OPSEC), like AV/EDR bypass, payload encryption, etc.
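On the detection side, the Chrome and Firefox profile directories listed above are the paths a file-access rule watches. The sketch below is an added example, not code from the original article or the linked tools: it flags any process other than the browser itself that touches a profile directory. The event fields, the allowlist of browser binary names and the sample events are assumptions constructed for illustration.

```python
import re

# Profile directories from the article as regexes over lower-cased paths with
# "/" separators; <Username> and the Firefox "xxxx" prefix become wildcards.
PROFILE_PATTERNS = {
    "chrome": [
        r"^c:/users/[^/]+/appdata/local/google/chrome/user data/default(/|$)",
        r"^/home/[^/]+/\.config/google-chrome/default(/|$)",
        r"^/users/[^/]+/library/application support/google/chrome/default(/|$)",
    ],
    "firefox": [
        r"^c:/users/[^/]+/appdata/roaming/mozilla/firefox/profiles/[^/]+\.default[^/]*(/|$)",
        r"^/home/[^/]+/\.mozilla/firefox/[^/]+\.default[^/]*(/|$)",
        r"^/users/[^/]+/library/application support/firefox/profiles/[^/]+\.default[^/]*(/|$)",
    ],
}
# Assumed allowlist of browser binary names; tune it per environment.
EXPECTED = {"chrome": {"chrome.exe", "chrome", "google chrome"},
            "firefox": {"firefox.exe", "firefox"}}

def normalise(path):
    return path.replace("\\", "/").lower()

def classify(target):
    """Return which browser's profile directory the path falls under, or None."""
    t = normalise(target)
    for browser, patterns in PROFILE_PATTERNS.items():
        if any(re.search(p, t) for p in patterns):
            return browser
    return None

def flag_profile_access(events):
    """Return (host, process, browser) for non-browser access to a profile."""
    alerts = []
    for ev in events:
        browser = classify(ev["target"])
        image = normalise(ev["image"]).rsplit("/", 1)[-1]
        if browser and image not in EXPECTED[browser]:
            alerts.append((ev["host"], image, browser))
    return alerts

# Constructed file-access events (not real telemetry): host, process, target.
WIN = r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default"
FF = "/home/bob/.mozilla/firefox/ab12cd.default-release"
SAMPLE_EVENTS = [
    {"host": "ws01", "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe", "target": WIN + r"\History"},
    {"host": "ws01", "image": r"C:\Users\alice\Downloads\tool.exe", "target": WIN + r"\Cookies"},
    {"host": "lx02", "image": "/usr/bin/python3", "target": FF + "/places.sqlite"},
    {"host": "lx02", "image": "/usr/bin/firefox", "target": FF + "/places.sqlite"},
]
```

Matching on the process file name alone does not survive a renamed binary, so in production pair it with the full image path or code-signing information from your EDR.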
I hope this article can help readers get a new point of view on the red teaming world. Thanks for reading!