FireMasterLinux is
the Linux port of popular tool
FireMaster. FireMaster is the first ever built tool to
recover the lost master password of Firefox. In order to protect the
stored login passwords, Firefox uses master password. If the master
password is forgotten, then there is no way to recover the master
password and user will lose all the stored login passwords as well.
In this direction, FireMasterLinux helps in recovering lost
master password to get back all the stored passwords.
FireMasterLinux uses combination of techniques such as dictionary,
hybrid and brute force to recover the master password from the
Firefox key database file.
Often it takes long hours and some
times days together to completely recover the master password based
on its length and complexity. Hence one end up performing recovery
operation for days continuously. However Windows system often goes
slower as the day passes and performance is not optimal when it
comes to continuous processing.
In such a case where it
involves processing for long hours with consistent high-performance,
Linux becomes the ideal platform. To address this exact problem, we
have started the project, FireMasterLinux....!
Firefox comes with
built-in password manager tool which remembers username and passwords
for all the websites you visit. This sign-on information is stored in the encrypted
form in Firefox database files residing in user's profile directory.
However any body can just launch the password manager from the Firefox
browser and view the credentials. Also one can just copy these database
files to different machine and view it offline using the tools such as
FirePassword.
Hence to protect from
such threats, Firefox uses master password to provide enhanced security. By
default Firefox does not set the master password. However once you have set the
master password, you need to provide it every time to view sign-on credentials. So if you
lose this master password that means you have lost all stored
credentials as well.
So far there was no way to recover
these credentials once you have lost the master password. Now with FireMasterLinux you
can recover your master password and get back all the sign-on
passwords.
Team Members
This project is lead by Broseidon along with other liked minded
individuals. Here is the list of all members
broseidon [Project Lead]
endeavormac
oldgregg
MustardBedroomWrench
If you would like to be part of this project then
contact us.
Below is the status of current work and remaining work to be done.
Current Work Status
Here is the current status of the FireMasterLinux project with
details on finished as well as remaining work
Port a working version (brute force only) to linux [Finished
on 16 MAY 2010]
Incorporate dictionary crack [Finished on 24 MAY
2010]
Incorporate and optimize hybrid crack to include not just
addition, but case changes within dictionary words [Finished on 9 JUN
2010]
Use threading to improve application performance
Use
with CUDA/OpenCL
Roll into Nagareshwar's FirePassword tool
Write a Metasploit module to grab requisite databases & automatically
check for a master password set
Final aim of the project is to build complete Linux port of
FireMaster and later integrate it into
Metasploit Framework.
Internals of FireMasterLinux
FireMasterLinux supports
following password generation methods
1) Dictionary Method
In this mode,
FireMasterLinux uses dictionary file having each word on separate line to
perform the operation. You can find lot of online dictionary with
different sizes and pass it on to Firemaster. This method is more
quicker and can find out common passwords.
H2) Hybrid Method
This is advanced
dictionary method, in which each word in the dictionary file is prefixed
or suffixed with generated word from known character list. This can find
out password like pass123, 12test, test34 etc. From the specified
character list (such as 123), all combinations of strings are generated
and appended or prefixed to the dictionary word based on user settings.
H3) Brute Force Method
In this method, all
possible combinations of words from given character list is generated
and then subjected to cracking process. This may take long time
depending upon the number of characters and position count specified.
Video Demonstration
Here is the video demonstration of recovering Firefox master
password using FireMaster (Windows Port). Though they are similar
some of the things will be different.
In the video tutorial below it shows
how to use Hybrid Crack & Brute-Force Crack method to easily recover the
master password
How to use FireMasterLinux?
First you need to copy
the key3.db file to temporary directory. Later you have to specify this directory path for FireMasterLinux as a last argument.
Note that some of the options mentioned above may not have fully
implemented in FireMasterLinux. Hopefully they will be present in future
version.
Here Firefox_Profile_Path
refers to the directory where key3.db file is present. However you can also copy key3.db file from
any other machine and specify that path during recovering operation.
Quiet mode ( -q option
) will disable printing each password while recovery is in progress.
This makes it much faster especially for brute force operation. However during brute force operation if
the password count exceeds 50000 passwords then it automatically enters
the
quiet mode.
Hybrid method tries normal
dictionary password as well as password created by
appending/prefixing the generated strings to the dictionary word.
For example if the dictionary word is "test" and you have specified
character set as '123' (-c 123 -s) then the new passwords will be
test1, test12, test123, test32 etc.
Character list (-g
for hybrid and -c
for brute force) specifies the characters to be used for generating
passwords. If you don't specify then the default character list is used.
For brute force -m indicates the minimum length of password to be
generated. This can reduce the generated passwords and hence the
time considerably when large number of character set is specified. Similarly
-l (small 'L') specifies the maximum length of password to be
generated. For example, if you specify -m 6 and -l 8 then only
passwords which are of length at least 6 and above but below 8 will
be generated.
Now you can reduce the password cracking time significantly using
pattern based password recovery mechanism. If you know that password
is of certain length and also remember few characters then you can
specify that pattern for brute force cracking. For example, assume
that you have set the master password of length 12 and it begins
with 'fire' and ends with '123' then command will look like below
This will reduce the time to seconds which otherwise would have
taken days or hours to crack that password. You can even crack the
impossible looking passwords using the right pattern.
FireMasterLinux and FireFox
FireMasterLinux is tested with latest Firefox version
3.5.6 and it can recover master password successfully from any
Firefox, starting with version 1.0 or more.
If the FireMasterLinux failed to work with your Firefox version then please send me the key3.db and cert8.db (required
for older versions) files which are present in your Firefox profile
directory. Note that sign-on
credentials are stored in the signons.txt file and key3.db just contains
the master password related information. So even if some one knows your
master password it will be useless unless he/she has access to
signons.txt file.
Disclaimer
FireMasterLinux is designed with good
intention to recover the lost master password so that every one keep
enjoying their experience with Firefox. Like any other tool its use
either good or bad, depends upon the user who uses it. However author is
not responsible for damages or impact caused due to misuse of FireMasterLinux.
Release History
Version 0.3.1: Aug 9 2010
Fixes minor problems parsing arguments for brute force
Version 0.3: Jun 9 2010
Now Supports Hybrid Cracking. Last single-threaded version of
firemaster_linux.
Version 0.2: May 21 2010
Added support for -m (minimum pass length) and -c (user defined
character set) for password recovery options.
