1
How do I get key3.db and/or logins.json to print in plain-text using commandline?
$ cat /home/*/.mozilla/firefox/*.default/key3.db
$ cat /home/*/.mozilla/firefox/*.default/logins.json
user737988
Posted 2017-06-12T22:02:45.790
Reputation: 11
0
Assuming you don't need to do this very often and are happy to do the first step manually, you could use Password Exporter, which I used to use before I switched to KeePass.
BoffinBrain
Posted 2017-06-12T22:02:45.790
Reputation: 1 896
0
What I did on Linux:
nss source package for your distro.pwdecrypt tool.I used the following command line to build the tool (CentOS 7.7):
gcc -o pwdecrypt \
-I/usr/include/nspr4 -I/usr/include/nss3 -I../lib \
-lnss3 -lplc4 -lnspr4 -lnssutil3 -lsmime3 \
pwdecrypt.c ../lib/secutil.c ../lib/basicutil.c ../lib/secpwd.c ../lib/pppolicy.c
This may require certain development packages installed (nss-devel in my case).
Once you have the tool go to firefox profile directory and execute:
jq -r -S '.logins[] | .hostname, .encryptedUsername, .encryptedPassword' logins.json | \
pwdecrypt -d .
or (if key4.db is used instead of key3.db):
jq -r -S '.logins[] | .hostname, .encryptedUsername, .encryptedPassword' logins.json | \
pwdecrypt -d sql:.
You may find Reveal saved Mozilla Firefox passwords article helpful.
Tomek
Posted 2017-06-12T22:02:45.790
Reputation: 795
It's a database, it can't be trivially converted to plain text. What kind of information do you want to extract and which output format do you expect? – gronostaj – 2017-06-12T22:10:43.773
Thanks for your response. I believe it's where the saved usernames:passwords are stored? Any output format is fine, I'd like to view the data in plaintext remotely. – user737988 – 2017-06-12T22:21:14.977
It seems that the file is named in a misleading way. Quoting from this site: The key3.db file store the encryption key that is used for encrypting and decrypting the passwords. The encrypted names and passwords are stored in the logins.json file..
– gronostaj – 2017-06-12T22:35:14.703Thanks. I also saw stuff about logins.json in my search queries. But there's no such file in my /*-defaults/ directory and I'm positive I have saved passwords there. Do you know how to decrypt the logins.json? – user737988 – 2017-06-12T22:49:28.907
Nope, but you can try reading Firefox's source code if you're familiar with programming. – gronostaj – 2017-06-12T23:07:17.703
@eckes Literally the first sentence of that question says that
key3.dbis an encryption key, not DB, and the answer says that Firefox switched from SQLite to JSON (confirmed by my link from previous comments). The script may be useful for OP though. – gronostaj – 2017-06-13T02:00:06.113Ok correction, key3.db is in Berkley/BSD-DB Format containing the encryption key. This tool can extract it and decrypt the Json or SQLite files with the user passwords. https://github.com/lclevy/firepwd
– eckes – 2017-06-13T05:03:02.150