Cracking firefox's logins.json without key4.db

on

I apologize if this is the wrong forum for this query, if it is, I would appreciate a point in the right direction.

I pulled a stupid and lost all my passwords. When I recovered the data, I ended up with a corrupted key4 AND logins. So, the conventional method of importing them did not work.

Is it possible to decrypt/crack this stuff? Below is a sample of the file for reference (this is a throwaway account):

{"id":150,"hostname":"https://users.nexusmods.com","httpRealm":null,"formSubmitURL":"https://users.nexusmods.com","usernameField":"user[login]","passwordField":"user[password]","encryptedUsername":"MDoEEPgAAAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwcECDxrRGLf9XMXBBCTfI22DCPUnYr3ivgM6elY","encryptedPassword":"MDoEEPgAAAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwcECPLfp5/hpm6EBBAYeLQjs2RZraIf/cR4EjbA","guid":"{1c0f92d3-8a31-4deb-b44a-c999fdb3fa5f}","encType":1,"timeCreated":1609418603412,"timeLastUsed":1630008337192,"timePasswordChanged":1609418603412,"timesUsed":2},{"id":151,"hostname":"https://users.nexusmods.com","httpRealm":null,"formSubmitURL":"https://users.nexusmods.com","usernameField":"user[login]","passwordField":"user[password]","encryptedUsername":"MDoEEPgAAAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwcECHgxbO45Tmo4BBCXmO+ytMScmHcuiM+swXrT","encryptedPassword":"MDoEEPgAAAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwcECHXvzvtvaue+BBCUJoXRCqBgapdR6iwe5pGs","guid":"{496479ca-d70a-45ea-9a96-5b8898b55051}","encType":1,"timeCreated":1625539401166,"timeLastUsed":1630008331273,"timePasswordChanged":1625539401166,"timesUsed":2}

I do have the vast majority of these usernames and passwords memorized and could provide them to whatever tool you would recommend. I also know the first three characters of the password I am looking for are, if that helps at all.

Again, I apologize. You guys are my next to last best hope. I am going to dig around a few more backup hard drives I have scattered around and see if I can find a more UTD password list, but I really don't think it is going to happen.

submitted by /u/GoldenSheppard
[link] [comments]

from hacking: security in practice https://ift.tt/3p3UzBQ

Comments

Post a Comment