Viewing Category: Firefox  [clear category selection]

Charles Proxy Firefox Extension Manual Installation

This post will probably be useful to about four people in the world. But I'll throw it up here for their benefit.

I installed a copy of Firefox 6.0.1 to do some work on HTML5 forms. So that it wouldn't discombobulate my existing Firefox 3.6.21 installation with all my development gadgetry, I created a secondary Mozilla profile path. While loading pages with the latest Firefox, I saw that proxied requests were not appearing in the Charles window. Normally the extension that Charles provides to turn on/off HTTP proxying is installed automatically. I believe that because I was using a copy of Firefox in a weird location with a foreign profile, it didn't do its magic.

So, here's how to install the extension manually. Extract the XPI from the main Java Archive:

unzip -j -d ~/Downloads /Applications/Charles.app/Contents/Resources/Java/charles.jar charles.xpi

Then open the Add-ons Manager and choose Install Add-on From File... from the actions menu. Browse to the file from the Downloads directory. Et voilá!

Firefox Password Export

It's fairly easy to copy the Firefox stored website passwords from one computer to another, when migrating user preferences, for example. However, exporting the passwords to a plain text (CSV or XML) file requires decrypting the data contained in signons3.txt using the key contained in key3.db. There are a few programs to do this. Another route is to use a Firefox Add-On called Password Exporter to save the passwords within the Firefox environment. Unfortunately, this add-on hasn't been updated in a while. Firefox 3.0.10 flagged it as incompatible after parsing the XPI.

Instead of trying to install an old version of Firefox on my workstation, I fired up an old Fedora Live CD using VMware Fusion. After installing Password Exporter, I copied the two files over the network.

# Set the target host information T_HOST=target T_USER=bgrissom T_FF_LIB="/Users/$T_USER/Library/Application\\ Support/Firefox/Profiles" # Select the correct target profile ssh -l $T_USER $T_HOST "ls -1d $T_FF_LIB/????????.*" T_PROFILE=xxxxxxxx.yyyyyy # There is only one profile in the Fedora Live CD copy of Firefox cd ~/.mozilla/firefox/????????.default # Copy the password files from the target machine scp "$T_USER@$T_HOST:$T_FF_LIB/$T_PROFILE/{key3.db,signons3.txt}" .

I launched Firefox and opened the preferences (Edit -> Preferences). On the security tab is a button that is created by the Password Export add-on.

The tool has the option to import passwords too, but I haven't tried that function. I just clicked the Export Passwords button.

A dialog window appears with a disclaimer about exposing passwords in clear-text.

The file format option is hidden under the Browse view. I selected CSV because it would be easier to parse with shell tools.

When it's finished, it displays the number of passwords exported to the text file.

Before shutting down the VM, it's important to copy the passwords to another location -- preferably not a RAM disk. ;)