火狐配置文件_愚蠢的怪胎技巧：入侵Firefox配置文件数据存储

火狐配置文件

Have you ever wondered where Firefox keeps all of the history it has remembered from your previous browsing sessions… not just URL’s but saved password, form data and certain preference values? The answer, quite simply, is inside of SQLite databases in your Firefox profile folder.

您是否曾经想过Firefox在以前的浏览会话中保留了它记得的所有历史记录，而不仅仅是URL的保存了密码，表单数据和某些首选项值？ 答案很简单，就是在Firefox配置文件文件夹中SQLite数据库内部。

Using an open source program, SQLite Database Browser, you can not only see the structure of the individual databases but browse and, if you are so inclined, manipulate all the data in each of the tables. While this article focuses on Windows, the same basic information should apply to Linux and Mac users as well.

使用开源程序SQLite Database Browser，您不仅可以查看各个数据库的结构，还可以浏览，如果愿意的话，还可以操纵每个表中的所有数据。 尽管本文重点讨论Windows，但相同的基本信息也应适用于Linux和Mac用户。

查看Firefox配置文件数据 (Viewing the Firefox Profile Data)

Before getting started, make sure Firefox is closed so there are no problems with locks on any of these files.

在开始之前，请确保Firefox已关闭，以便对这些文件中的任何一个锁都没有问题。

Open SQLite Database Browser, click the open icon and navigate to your Firefox Profile. In Windows 7, the location is here:

打开SQLite数据库浏览器，单击打开图标，然后导航到Firefox配置文件。 在Windows 7中，位置在这里：

%UserProfile%\AppData\Roaming\Mozilla\Firefox\Profiles\<random>.default

％UserProfile％\ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ <random> .default

An interesting database we will take a look at is “formhistory.sqlite”.

我们将要研究的一个有趣的数据库是“ formhistory.sqlite”。

The reason this particular database is interesting is because it stores values you enter into form input fields such as your address, email and phone number (if you have Firefox set to keep this information).

该特定数据库之所以有趣，是因为它存储您在表单输入字段中输入的值，例如地址，电子邮件和电话号码(如果已将Firefox设置为保留此信息)。

As you can see when you open this file and browse the “moz_formhistory” table, there are loads of entries which give you a bit of insight into how this feature works. Essentially the name of the HTML field where you entered the data is stored in the “fieldname” column and the respective value in the “value” column.

如您所见，当您打开该文件并浏览“ moz_formhistory”表时，有很多条目可以使您深入了解此功能的工作原理。 本质上，您在其中输入数据HTML字段的名称存储在“字段名”列中，而相应的值存储在“值”列中。

Because field names such as “Email” and “Subject” are very common and likely to be across multiple sites, you may see several entries for the same “fieldname” value with different “value” values. This also explains why you can see values you entered on one site when you are filling out a form on a completely different site.

因为诸如“电子邮件”和“主题”之类的字段名非常普遍，并且可能跨越多个站点，所以您可能会看到相同“字段名”值的多个条目，但具有不同的“值”值。 这也解释了为什么在完全不同的站点上填写表单时可以看到在一个站点上输入的值。

However, this information can be sensitive. For example, if I search for my credit card number (by pattern) I can find the plain text entry in this database.

但是，此信息可能很敏感。 例如，如果我搜索我的信用卡号(按模式)，则可以在此数据库中找到纯文本条目。

If you find entries like this you want to get rid of, simply locate the respective “id” value in the Browse Data tab and click the Delete Record button, save your changes and it is gone.

如果找到想要删除的条目，只需在“浏览数据”选项卡中找到相应的“ id”值，然后单击“删除记录”按钮，保存所做的更改即可。

This can be useful for not only clearing sensitive data, but also entries such as old email addresses or phone numbers without having to clear out all of your history.

这不仅可以清除敏感数据，而且还可以清除旧的电子邮件地址或电话号码等条目，而不必清除所有历史记录。

其他配置文件数据库 (Other Profile Databases)

While there are several more SQLite databases you can take a look at (all having the .sqlite file extension), below are some which may be of interest. You can open these using the SQLite Database Browser exactly as shown above.

尽管还有更多SQLite数据库可供您查看(所有文件都具有.sqlite扩展名)，但下面是一些您可能会感兴趣的数据库。 您可以完全如上所示使用SQLite数据库浏览器打开这些文件。

• addons.sqlite = Installation information on installed add-ons. This is most likely used for keeping your installed add-ons current.
  addons.sqlite =有关已安装附件的安装信息。 这很可能用于使安装的附件保持最新。
• content-prefs.sqlite = Stores information specific to web sites and your settings. For example, the last used location on your computer to upload a file.
  content-prefs.sqlite =存储特定于网站和您的设置的信息。 例如，计算机上次使用的位置来上传文件。
• downloads.sqlite = Information about items which appear in your download items list.
  downloads.sqlite =有关出现在您的下载项目列表中的项目的信息。
• extensions.sqlite = Information about installed add-ons. There is nothing too insightful here, but if you are looking for intricate details about an add-on, the information here may be helpful.
  extensions.sqlite =有关已安装附件的信息。 这里没有什么太有见识的，但是如果您正在寻找有关加载项的复杂细节，那么这里的信息可能会有所帮助。
• formhistory.sqlite = (covered in detail above) All non-password data which has been saved in Firefox.
  formhistory.sqlite =(上面有详细介绍)已保存在Firefox中的所有非密码数据。
• signons.sqlite = Saved login password information. The passwords are encrypted against your master password but you can view the number of times each one has been used.
  signons.sqlite =保存的登录密码信息。 密码是根据您的主密码加密的，但是您可以查看每个密码的使用次数。

Take a look and if you find something interesting, please share.

看看，如果您发现有趣的东西，请分享。

Download SQLite Database Browser

下载SQLite数据库浏览器

翻译自: https://www.howtogeek.com/69051/stupid-geek-tricks-hacking-the-firefox-profile-data-storage/

火狐配置文件