[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 03 Apr 2012 23:51:11 +0100
From: a <fromthestormofshadows@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking Thunderbirds password database.
Hello,
Thank you all for your help. All the information provided has been very
useful. I will provide details of how I went about recovering
information from Thunderbird which is also applicable to Firefox and
probably their derivatives too.
Thunderbird and Firefox each store password details in two files:
key3.db and signons.sqlite
located in:
~/.mozilla/firefox/$profile$.default and ~/.thunderbird/$profile$.default
A master password can be set in either program and this affects key3.db.
If there is a master password on key3.db, FireMasterLinux will find it:
http://securityxploded.com/firemasterlinux.php
however it depends on the Gecko SDK:
https://developer.mozilla.org/en/Gecko_SDK
If required, specify the password and use Mozilla Password Dump:
https://github.com/halfgenius/mozilla_password_dump
which will then display the usernames and passwords.
The information stored in signons.sqlite can be extracted by using
SQLite3. One such method is detailed here:
http://security.stackexchange.com/questions/8780/is-it-possible-to-easily-retrieve-thunderbirds-passwords-with-access-to-hdd
the information is encrypted and John the Ripper is unable to parse the
data.
Powered by blists - more mailing lists
Powered by Openwall GNU/*/Linux -
Powered by OpenVZ
