Hacking Firefox Profile Data Storage - Stupid Geek Tricks
Understanding Firefox Profile Data Storage
Many users are curious about the location where Firefox stores its browsing history and other sensitive information. This includes not only visited URLs, but also saved passwords, submitted form data, and specific preference settings.
The data is systematically organized within SQLite databases, which are located inside your individual Firefox profile folder.
Accessing and Examining Firefox Databases
With the aid of an open-source tool like SQLite Database Browser, you gain the ability to inspect the internal structure of these databases.
This allows you to browse the contents of each table and, if desired, modify the data they contain.
Platform Compatibility
Although this guide is primarily geared towards Windows users, the fundamental principles and methods described should be applicable to those using Linux or macOS operating systems as well.
Exploring Database Contents
- Browsing History: View a record of websites you've visited.
- Saved Passwords: Access stored login credentials.
- Form Data: Examine previously entered information in online forms.
- Preferences: Inspect customized Firefox settings.
SQLite Database Browser provides a user-friendly interface for navigating these various data categories.
It's important to exercise caution when manipulating database contents, as incorrect changes could potentially affect Firefox's functionality.
Examining Firefox Profile Data
Prior to beginning, ensure Firefox is completely closed to prevent file locking issues.
Launch the SQLite Database Browser, select the open icon, and navigate to your Firefox Profile directory. On Windows 7, the typical location is as follows:
%UserProfile%\AppData\Roaming\Mozilla\Firefox\Profiles\<random>.default
A database of particular interest for review is "formhistory.sqlite".
This database is noteworthy because it retains the data you input into form fields, such as your address, email address, and phone number, provided Firefox is configured to store this information.
Upon opening this file and exploring the "moz_formhistory" table, a substantial number of entries become visible, offering insight into the functionality of this feature. The name associated with the HTML form field is stored within the "fieldname" column, while the corresponding entered value resides in the "value" column.
Due to the commonality of field names like "Email" and "Subject" across numerous websites, multiple entries may exist for the same "fieldname" but with differing "value" data. This explains why information entered on one website can appear when completing a form on an unrelated site.
However, this stored information can be of a sensitive nature. For instance, a search for a credit card number (using a pattern-based search) may reveal the plaintext entry within this database.
Should you discover such entries that require removal, identify the corresponding "id" value within the Browse Data tab and utilize the Delete Record button. Save your modifications to finalize the deletion.
This capability is beneficial not only for eliminating sensitive data but also for removing outdated information like old email addresses or phone numbers, without the need to clear your entire browsing history.
Important Note: Regularly reviewing and managing your Firefox profile data is a proactive step towards maintaining your online privacy and security.
Additional Profile Databases
Beyond the databases already examined, several other SQLite databases within the Firefox profile are available for investigation, all identifiable by the ".sqlite" extension. These can be accessed and explored using the SQLite Database Browser, following the same procedure outlined previously.
Database Descriptions
The following databases contain potentially useful information regarding your Firefox usage and configuration.
- addons.sqlite: This database maintains records of installed add-ons, including installation details. It's primarily utilized for managing and updating your installed extensions.
- content-prefs.sqlite: This file stores website-specific preferences and user settings. An example of the data held within includes the default directory used for file uploads.
- downloads.sqlite: Details concerning items listed in your Firefox download history are contained within this database.
- extensions.sqlite: Similar to addons.sqlite, this database provides information about installed add-ons. While not offering groundbreaking insights, it can be a resource for detailed add-on specifics.
- formhistory.sqlite: As previously discussed, this database stores all non-password form data saved by Firefox.
- signons.sqlite: This database securely stores your saved login credentials. Passwords are encrypted using your master password, but usage counts for each login are visible.
Exploration of these databases may reveal interesting data. Should you uncover anything noteworthy, consider sharing your findings.
Further investigation into these files could prove beneficial.
Download the SQLite Database Browser to begin your analysis.