Bypass Antivirus & Dump HTTPS pasword in browser memory
ProcDump is a command-line utility whose primary purpose is monitoring an application for CPU spikes and generating crash dumps during a spike that an administrator or developer can use to determine the cause of the spike. ProcDump also includes hung window monitoring (using the same definition of a window hang that Windows and Task Manager use), unhandled exception monitoring and can generate dumps based on the values of system performance counters. It also can serve as a general process dump utility that you can embed in other scripts.
- Get meterpreter session, tutorial here.
- Upload Prodump to your victim
- Create dump brower (Firefox, Goolge Chrome…) file using ProcDump. 2228 paramter is FireFox processer pid.
- Download dump file from victim machine
- Using string to find https password