This payload is a long, hard work around to bypass Microsoft Security in Firefox where a pin, or password is required to export saved log in credentials. The payload opens firefox about:logins, and tabs, and arrows its way through options. It then takes a screen shot with the first set of log in credentials made visible. Finally it sends the screenshot to an email of your choosing.
Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.
This payload is for OMG — a platform built for covert field-use with features that enhance remote execution, stealth and forensics evasion, all while being able to quickly change your tooling on the fly.