• ProcDump

    ProcDump is a command-line utility whose primary purpose is monitoring an application for CPU spikes and generating crash dumps during a spike that an administrator or developer can use to determine the cause of the spike. ProcDump also includes hung window monitoring (using the same definition of a window hang that Windows and Task Manager use), unhandled exception monitoring and can generate dumps based on the values of system performance counters. It also can serve as a general process dump utility that you can embed in other scripts.

    Download ProcDump

    1. Get meterpreter session, tutorial here.
    2. Upload Prodump to your victimscreenshot-from-2016-11-05-21-57-02
    3. Create dump brower (Firefox, Goolge Chrome…) file using ProcDump. 2228 paramter is FireFox processer pid.screenshot-from-2016-11-05-21-59-15
    4. Download dump file from victim machinescreenshot-from-2016-11-05-22-03-43
    5. Using string to find https password