Once a user’s computer has been compromised, one of the attacker’s first steps is to extract the user’s cookies (and at times passwords) from browser storage. This can allow the attacker to move laterally throughout the network and gain access to sensitive services and data, which is incredibly profitable for the attacker and extensively damaging for the user. This talk covers post-exploitation techniques for browser cookie and password extraction, and previews a tool (released post-talk) that can be used for secrets extraction on most modern browsers. Potential mitigation techniques will also be discussed.