Re: Firefox forensics with SQLite Manager at InfoSec Institute

[Fabio <ctrlaltca () gmail com>]

On 12/12/2011 18:30, Adam Behnke wrote:
> Hello, a recent article here on how to perform forensics investigations
> on Firefox with SQLite Manager:
>
>  
>
> http://resources.infosecinstitute.com/firefox-and-sqlite-forensics/
>
>  
>
> This is relevant because it is easy to install, doesn’t require you to
> buy a $4,000 forensic software tool (Encase, FTK, etc.), and gives you
> lots of good data on forms, cookies, addons, extension, SSL sessions, etc.
>
>  
>
> Your thoughts?

---8-<---
Signons – this is a repository of all places that the user has kept
their username and login stored in the browser. All the passwords are
hashed, but using rainbow tables they can be guessed depending on how
the user manages password security.
--->-8---

Can you elaborate on that?
I thought  that just extracting the profile directoy and loading it on a
portable installation is enough to view saved passwords..
Firefox needs to be able to use their plaintext-version when logging on
a website form, so it needs to use two-way cryptography.
I guess you just mean "if the user set a master password or not", or am
i missing something?

Fabio Bas


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/