SecurityXploded.com
Exposing the Twitter Password Secrets - www.SecurityXploded.com
 
 
 
About Twitter Account Password Recovery
Twitter is the most popular microblogging service, used by millions of people around the world. Users rely on a variety of applications, including their favorite web browsers and dedicated Twitter clients such as TweetDeck and Sobees, to keep up to date with their Twitter updates and followers.

Most of these applications store the Twitter account password for subsequent logins so that users don't have to enter it every time. Each application uses its own encryption method and storage mechanism to store the password securely.

This research article throws light on the internal password storage and encryption mechanisms used by some of these prominent applications for storing the Twitter account password. It also shows how to recover Twitter passwords from each of these applications.
 
 
Recovering Twitter Password From Web Browsers
This section explains how each of the popular browsers stores passwords, how to distinguish Twitter passwords from the others, and finally how to recover the Twitter password from the browser's secret store.
 
 
Firefox & Twitter Password
Firefox stores account passwords in its sign-on secret store using Triple-DES encryption coupled with BASE64 encoding. Different versions of Firefox have used different methods to store login passwords. Initial versions of Firefox used signons.txt, while the latest versions use signons.sqlite (an SQLite database file) to store all login details for visited websites.

For more details on how different versions of Firefox store the secrets and what storage format is used, refer to the section 'Firefox Password Secrets'.

Firefox stores all website passwords, including Twitter passwords, with the user's consent. To recover the Twitter password from this big list we need to distinguish the Twitter passwords from the others.

This task is not difficult, as Firefox stores the website URL along with the encrypted username and password for each stored login entry. We just need to check whether the URL contains the magic string 'twitter.com' and then recover only those entries to obtain the real Twitter username and password.
 
 
 
Internet Explorer & Twitter Password
Like Firefox and most other browsers, Internet Explorer also stores the sign-on credentials for all visited websites.

Before version 7, Internet Explorer used the famous 'Protected Storage' to store such sign-on passwords. Because that store was less secure and easy to decipher, from version 7 onwards IE uses the 'Credential Provider' store and 'Windows Cryptography' functions to store the passwords securely.

The research article 'Exposing the Secrets of Internet Explorer' explains in detail how to recover the passwords from any IE version.

As IE stores the passwords for all websites, we need to separate the Twitter passwords from the rest. For older versions using the 'Protected Storage' mechanism, we can simply check the URL entries against 'twitter.com' to get the stored Twitter login details. For version 7 onwards, however, the Twitter login URLs need to be present in the IE history database, as explained in the above research article.

So before we proceed to recover the Twitter password, we need to add the following login URLs to the IE history:
  • http://twitter.com/
  • https://twitter.com/
  • https://twitter.com/login
  • http://twitter.com/sessions
Which of these matters depends on the URL the user used to log in to the Twitter account. Generally such URLs will be in the IE history, but sometimes they may have been deleted accidentally by the user.

You can use IEPasswordDecryptor to add these URLs to the IE history database. Once the URLs are in the IE history, we can proceed to recover any stored Twitter passwords from the IE Credential store.
 
 
 
Google Chrome & Twitter Password
Like Internet Explorer and other browsers, Chrome also stores the login passwords for all visited websites based on user consent. Chrome uses an SQLite database to store the account information in encrypted format.

For more information on deciphering the website login passwords from the Chrome database, read the article 'Exposing the Secrets of Twitter Chrome'.

To distinguish Twitter passwords from other account passwords, we just need to check for 'twitter.com' in the URL of each entry.
 
 
 
Opera & Twitter Password
The Opera browser also stores the login username and password for all visited websites with the user's consent. Opera uses the DES algorithm to encrypt the password and stores it along with other details in the magic wand file.

For more details on the storage format used by Opera and complete code to decrypt such passwords, refer to the article "Exposing the Secret of Decrypting Opera's Magic Wand".

Each stored entry contains the main URL and the login URL of the website. Here we have to check each login URL for 'twitter.com' to recover only the Twitter account passwords.
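The 'twitter.com' substring check described in the Firefox, Chrome and Opera sections above also matches lookalike hosts and misses differently cased URLs. The following is an added example, not code from the original article or from TwitterPasswordDecryptor: it compares the substring check with a hostname comparison when auditing which saved-login entries belong to a domain. The in-memory table, its column names and the sample rows are constructed for illustration, and no stored secret is read or decrypted.

```python
import sqlite3
from urllib.parse import urlsplit

# Constructed sample rows: (stored URL, placeholder for the encrypted blob).
SAMPLE_ROWS = [
    ("https://twitter.com", "<blob-1>"),
    ("https://mobile.twitter.com", "<blob-2>"),
    ("http://twitter.com.login.example", "<blob-3>"),       # lookalike host
    ("https://nottwitter.com", "<blob-4>"),                 # suffix collision
    ("https://example.org/?next=twitter.com", "<blob-5>"),  # string in query only
    ("https://TWITTER.com:443/sessions", "<blob-6>"),       # upper case, port
]

def build_store(rows):
    """Create an in-memory table standing in for a browser login store."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE logins (url TEXT, enc_password TEXT)")
    db.executemany("INSERT INTO logins VALUES (?, ?)", rows)
    return db

def naive_match(url, domain="twitter.com"):
    """The substring check described in the article."""
    return domain in url

def host_match(url, domain="twitter.com"):
    """Accept only URLs whose host is the domain or one of its subdomains."""
    # urlsplit().hostname is lower-cased and excludes port, path and query.
    host = (urlsplit(url).hostname or "").rstrip(".")
    return host == domain or host.endswith("." + domain)

def select_urls(db, predicate):
    """Return stored URLs accepted by predicate; the blob column is never read."""
    rows = db.execute("SELECT url FROM logins ORDER BY rowid")
    return [url for (url,) in rows if predicate(url)]

if __name__ == "__main__":
    store = build_store(SAMPLE_ROWS)
    print("substring:", select_urls(store, naive_match))
    print("hostname :", select_urls(store, host_match))
```

On the sample rows the substring check accepts three entries that do not belong to twitter.com and skips the upper-case one, while the hostname comparison returns exactly the three genuine entries.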
 
 
 
Twitter Password Recovery Tool - TwitterPasswordDecryptor
TwitterPasswordDecryptor is a FREE tool to instantly recover Twitter account passwords stored by popular web browsers. It automatically crawls through each of the browsers and instantly recovers all of the stored Twitter passwords. It comes with both a GUI and a command-line version.
 
TwitterPasswordDecryptor is a fully portable tool that can be run directly anywhere without being installed locally. It also comes with an installer for those who want to install it locally and use it on a regular basis. It works on a wide range of platforms, from Windows XP to the latest operating system, Windows 7.
 
 
 