Stupid Geek Tricks: Hacking the Firefox Profile Data Storage

By Jason Faulkner on August 2nd, 2011

image

Have you ever wondered where Firefox keeps all of the history it has remembered from your previous browsing sessions… not just URL’s but saved password, form data and certain preference values? The answer, quite simply, is inside of SQLite databases in your Firefox profile folder.

Using an open source program, SQLite Database Browser, you can not only see the structure of the individual databases but browse and, if you are so inclined, manipulate all the data in each of the tables. While this article focuses on Windows, the same basic information should apply to Linux and Mac users as well.

Viewing the Firefox Profile Data

Before getting started, make sure Firefox is closed so there are no problems with locks on any of these files.

Open SQLite Database Browser, click the open icon and navigate to your Firefox Profile. In Windows 7, the location is here:

%UserProfile%\AppData\Roaming\Mozilla\Firefox\Profiles\<random>.default

An interesting database we will take a look at is “formhistory.sqlite”.

image

The reason this particular database is interesting is because it stores values you enter into form input fields such as your address, email and phone number (if you have Firefox set to keep this information).

As you can see when you open this file and browse the “moz_formhistory” table, there are loads of entries which give you a bit of insight into how this feature works. Essentially the name of the HTML field where you entered the data is stored in the “fieldname” column and the respective value in the “value” column.

Because field names such as “Email” and “Subject” are very common and likely to be across multiple sites, you may see several entries for the same “fieldname” value with different “value” values. This also explains why you can see values you entered on one site when you are filling out a form on a completely different site.

image

However, this information can be sensitive. For example, if I search for my credit card number (by pattern) I can find the plain text entry in this database.

image

If you find entries like this you want to get rid of, simply locate the respective “id” value in the Browse Data tab and click the Delete Record button, save your changes and it is gone.

This can be useful for not only clearing sensitive data, but also entries such as old email addresses or phone numbers without having to clear out all of your history.

image

Other Profile Databases

While there are several more SQLite databases you can take a look at (all having the .sqlite file extension), below are some which may be of interest. You can open these using the SQLite Database Browser exactly as shown above.

  • addons.sqlite = Installation information on installed add-ons. This is most likely used for keeping your installed add-ons current.
  • content-prefs.sqlite = Stores information specific to web sites and your settings. For example, the last used location on your computer to upload a file.
  • downloads.sqlite = Information about items which appear in your download items list.
  • extensions.sqlite = Information about installed add-ons. There is nothing too insightful here, but if you are looking for intricate details about an add-on, the information here may be helpful.
  • formhistory.sqlite = (covered in detail above) All non-password data which has been saved in Firefox.
  • signons.sqlite = Saved login password information. The passwords are encrypted against your master password but you can view the number of times each one has been used.

Take a look and if you find something interesting, please share.

 

Download SQLite Database Browser

Jason Faulkner is a developer and IT professional who never has a hot cup of coffee far away. Interact with him on Google+

  • Published 08/2/11
More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!