Built some automation to help with dumping cookies using Chromium's remote debugger. This technique works against Chromium browsers (Google Chrome, Microsoft Edge, etc.) on any OS! I dig into how the technique works and present my implementation posts.specterops.io/hands-in…

5:09 PM · Dec 17, 2020

6
78
186
Replying to @slyd0g
I love this trick. We’ve been using the cookie crimes implementation but this seems nicer to avoid having to patch websocat to remove the json rpc key from the message which breaks chrome
1
0
1
Just discovered the cookie crimes post on my recent op and it was an absolute game changer.
0
0
0
Replying to @slyd0g
thank you for awesome work. Another similar way selenium with opt.AddArguments("--user-data-dir=" + dir1); and headless mode.
0
0
2
Replying to @slyd0g
This is 🔥🔥🔥
2
0
3
Thanks Chris!! :)
0
0
1
Replying to @slyd0g @byt3bl33d3r
Nice work and great write up 👍
0
0
0
Replying to @slyd0g
Great work and great write up! Glad someone wrote a blog on this, my friends in security very much appreciated the post! Cheers!!
0
0
0