You can find Firefox profile databases in
- Linux
/home/$USER/.mozilla/firefox/[PROFILE]
- Windows
C:\Users\%USERNAME%\[PROFILE]
In above directories, there are many sqlite database files, so let's to import these databases and see what we get
require 'sqlite3'
# Browser Histroy
db = SQLite3::Database.new "places.sqlite"
# List all tables
db.execute "SELECT * FROM sqlite_master where type='table'"
# List all vitied URLs (History)
db.execute "SELECT url FROM moz_places"
# List all bookmarks
db.execute "SELECT title FROM moz_bookmarks"
# List all Cookies
db = SQLite3::Database.new "cookies.sqlite"
db.execute "SELECT baseDomain, name, host, path, value FROM moz_cookies"
# List all form history
db = SQLite3::Database.new "formhistory.sqlite"
db.execute "SELECT fieldname, value FROM moz_formhistory"More about Firefox forensic
- Linux
/home/$USER/.config/google-chrome/Default
- Windows
C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\Default\
require 'sqlite3'
# List all Cookies
db = SQLite3::Database.new "Cookies"
db.execute "SELECT host_key, path, name, value FROM cookies"More about Chrome forensic