Digital forensics is a hard topic. An investigator needs a lot of valuable information to complete the work successfully, so that the problems of a system, or what caused them, can be detected.
Dumpzilla is an open-source tool that comes preinstalled in Kali Linux, but you can also use it on a Windows machine. The tool is basically a Python script that runs on Python 3.
It can be used to extract information from both Windows and Linux browsers such as saved passwords, bookmarks, cookies, history, etc. The collected information can be helpful to investigate cases in digital forensics.
Let’s get into the tutorial.
Running Dumpzilla on Kali Linux
Fire up your Kali Linux machine and open up the terminal. Now type dumpzilla. This command will show you the options you can use. It also shows the default locations of Firefox browser profiles on Windows, Mac and Linux operating systems.
Now run dumpzilla on the Mozilla Firefox profile saved on Kali Linux. Type the command
Here the default location of the Mozilla profile is under root. If you configured a different profile path, you have to enter the new path. If you didn’t, just copy and paste the default path. Now select the profile with the extension ‘default’ and select the type of data you want to extract.
dumpzilla /root/.mozilla/firefox/xc92edia.default --History
For example, we want to extract passwords. Put the data type after the profile name in the command. You can use all the available data types one by one, such as cookies, bookmarks, extensions, history, etc.
To save the extracted information just add the path where you want to save the information after the ‘Export’ command as shown below.
dumpzilla /root/.mozilla/firefox/xc92edia.default | tee /root/Desktop/mozilla.txt
Or, if you want to save the information as text, simply replace the ‘Export’ command with ‘tee’.
Running Dumpzilla on Windows
Dumpzilla doesn’t come preinstalled in Windows. In order to run it, you can download it from its official website or from GitHub. But you must have Python 3 installed on your system.
Now, go to the directory where you have downloaded the script, right-click on the address bar, select ‘Edit address’, type ‘cmd’ and hit Enter. In the command prompt, type python dumpzilla.py to see the available options.
The options are a little different from the options we get on Kali Linux. Let’s try to extract some information. It has the option to extract all information at once by using the option ‘All’ which we don’t get in Kali Linux.
Every single piece of information found on a computer can be helpful for digital forensics. These tools can’t do a lot, but they can extract really sensitive data if they are used on the right system.
What’s your opinion about Dumpzilla? Have you ever tried to find it on Kali Linux? The majority of answers will be No. Let us know in the comment box below, and if you face any problem configuring the tool, feel free to leave us a comment explaining your problem in detail. Please attach a screenshot so that we can identify exactly what your problem is.