regic1d3 / firepwd Goto Github PK
View Code? Open in Web Editor NEWThis project forked from lclevy/firepwd
firepwd.py, an open source tool to decrypt Mozilla protected passwords
License: GNU General Public License v2.0
This project forked from lclevy/firepwd
firepwd.py, an open source tool to decrypt Mozilla protected passwords
License: GNU General Public License v2.0
firepwd.py, an open source tool to decrypt Mozilla protected passwords ---------------------------------------------------------------------- Introduction ************ This educational tool was written to illustrate how Mozilla passwords (Firefox, Thunderbird) are protected using contents of files key3.db (or key4.db), logins.json (or signons.sqlite). Reference documents are: - Into the Black Box: A Case Study in Obtaining Visibility into Commercial Software, D. Plakosh, S. Hissam, K. Wallnau, March 1999, Carnegie Mellon University : http://www.sei.cmu.edu/library/abstracts/reports/99tn010.cfm - Dr. Stephen Henson, August 4th 1999 : http://arc.info/?l=openssl-dev&m=93378860132031&w=2 This code is released under GPL license. Now part of LaZagne project: https://github.com/AlessandroZ/LaZagne You can also read the related article, in french: http://connect.ed-diamond.com/MISC/MISC-069/Protection-des-mots-de-passe-par-Firefox-et-Thunderbird-analyse-par-la-pratique Usage ***** By default, firepwd.py processes key3.db (or key4.db) and signons.sqlite files in current directory, but an alternative directory can be provided using the -d option. Do not forget the '/' at the end. If a master password has been set, provide it using the -p option. Valid verbose levels (-v) are from 0 (default) to 2. $ python firepwd.py -h Usage: firepwd.py [options] Options: -h, --help show this help message and exit -v VERBOSE, --verbose=VERBOSE verbose level -p MASTERPASSWORD, --password=MASTERPASSWORD masterPassword -d DIRECTORY, --dir=DIRECTORY directory $ python firepwd.py -d /c/Users/lclevy/AppData/Roaming/Mozilla/Firefox/Profiles/o8syoe2h.default/ no stored passwords $ python firepwd.py -p 'MISC*' -d mozilla_db/ SEQUENCE { SEQUENCE { OBJECTIDENTIFIER 1.2.840.113549.1.12.5.1.3 SEQUENCE { OCTETSTRING a8db682ac51cfad8c06664fe9deb5283073b33ee INTEGER 01 } } OCTETSTRING 72d5636049d4af9eeadaf7eb0dc1710a62d5362fe4086dcc0495e5ec8e96c23c56b72a552e17756141ae80854d6fd03ecdc2c8f83d2c02d4c3f36e7e2b906f2c70a8cf571a06666e53f241780f9e39815e7d840e97e434614ac20ec09002e861 } decrypting privKeyData SEQUENCE { INTEGER 00 SEQUENCE { OBJECTIDENTIFIER 1.2.840.113549.1.1.1 NULL 0 } OCTETSTRING 3042020100021100f8000000000000000000000000000001020100021813c1e53d51a1e60bc79419f7d59107ef97976d075832a45b020100020100020100020100020115 } decoding 3042020100021100f8000000000000000000000000000001020100021813c1e53d51a1e60bc79419f7d59107ef97976d075832a45b020100020100020100020100020115 SEQUENCE { INTEGER 00 INTEGER 00f8000000000000000000000000000001 INTEGER 00 INTEGER 13c1e53d51a1e60bc79419f7d59107ef97976d075832a45b INTEGER 00 INTEGER 00 INTEGER 00 INTEGER 00 INTEGER 15 } decrypting login/password pairs http://challenge01.root-me.org: 'login\x03\x03\x03' , 'password\x08\x08\x08\x08\x08\x08\x08\x08' $ python firepwd.py -d /c/Users/laurent/AppData/Roaming/Thunderbird/Profiles/3luvewzm.default/ SEQUENCE { SEQUENCE { OBJECTIDENTIFIER 1.2.840.113549.1.12.5.1.3 SEQUENCE { OCTETSTRING 10540ef85fb7e198d41884c8c9c90cf3bc065482 INTEGER 01 } } OCTETSTRING 082fe34f23eae209334d53be2c85ea62d0242a722d452da5b0f27e39dd2733f177c0dc55dd22635d6c8e61fc3e7dc44fe2f1cccef58a8f3138b2822b5a1db3bc39ee8e57c5f4bf05aaed8073eeaf2cd7fddffd6fbc1f5d05ee870f353861c952 } decrypting privKeyData SEQUENCE { INTEGER 00 SEQUENCE { OBJECTIDENTIFIER 1.2.840.113549.1.1.1 NULL 0 } OCTETSTRING 3042020100021100f8000000000000000000000000000001020100021875a873cdb39783ecf1fedcea3d010dd9732a01a8b30451e9020100020100020100020100020115 } decoding 3042020100021100f8000000000000000000000000000001020100021875a873cdb39783ecf1fedcea3d010dd9732a01a8b30451e9020100020100020100020100020115 SEQUENCE { INTEGER 00 INTEGER 00f8000000000000000000000000000001 INTEGER 00 INTEGER 75a873cdb39783ecf1fedcea3d010dd9732a01a8b30451e9 INTEGER 00 INTEGER 00 INTEGER 00 INTEGER 00 INTEGER 15 } decrypting login/password pairs [censored] $ python firepwd.py -d /c/Users/laurent/AppData/Roaming/Mozilla/Firefox/Profiles/77l7qxfi.default/ SEQUENCE { SEQUENCE { OBJECTIDENTIFIER 1.2.840.113549.1.12.5.1.3 SEQUENCE { OCTETSTRING c6581e1fbdb50b4265ab11f54861fdbb62cb4abd INTEGER 01 } } OCTETSTRING cecb819cb612dccfc2265121aa38ed5d4b7cfc6f06f92f4fb48305f1afb3234f02e25fcb8f3029c0d4aa8c9be7ef292fc3c7d2d446e33f7f80d03a1df35aecb72f843463907786777da8bf1fd47a955fad9eb23e65e0ddff6d1ed0463cc69ed4 } decrypting privKeyData [...] Installation ************ written for Python 2.7 modules required: - pyasn1, https://pypi.python.org/pypi/pyasn1/, for ASN1 decoding - PyCrypto, https://www.dlitz.net/software/pycrypto/, for 3DES EDE decryption key3.db is read directly, the 3rd party bsddb python module is NOT needed. ---end of transmission---
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.