OK, I couldn't resist the challenge, my C skills need some sharpening and I've never used sqlite. Here's a short program to extract the cookie information from the sqlite3 database used my Firefox 3 into the old format.
I've tested this on Cygwin but there is no reason why it should not compile on another platform so long as the sqlite3 libraries and headers are installed. I compiled it with the following command:
gcc -Wall -g -o cookiejar cookiejar.c -lsqlite3
Regards,
Jimbob
#include <stdlib.h>
#include <stdio.h>
#include <sqlite3.h>
/*
These are the columns in the moz_cookies table
id = used internall my Firefox?
name = some_name
value = some_value
host = .ethicalhacker.net
path = /
expiry = 1304073154
lastAccessed = 1241001154890625
isSecure = 0
isHttpOnly = 0
The Firefox 2.x cookie file format is...
Domain Domain scope? Path Secure Expires Name Value
.example.com TRUE / FALSE 1143149359 login_id 123456
*/
static int callback(void *NotUsed, int argc, char **argv, char **azColName){
printf("%s\t%s\t%s\t%s\t%s\t%s\t%s\n",
argv[0], // host or domain name
*argv[0] == '.' ? "TRUE" : "FALSE", // Domain accessible if host starts with a '.'
argv[1], // path
*argv[2] == '1' ? "TRUE" : "FALSE", // SSL only?
argv[3], // Expiry
argv[4], // Cookie name
argv[5] ? argv[5] : "NULL" // Cookie value
);
return 0;
}
int main(int argc, char **argv){
sqlite3 *db;
char *zErrMsg = 0;
char *sql = "select host,path,isSecure,expiry,name,value from moz_cookies";
int rc;
if( argc!=2 ){
fprintf(stderr, "Usage: %s DATABASE\n", argv[0]);
exit(1);
}
//TODO: Stat the file first
// Open the database, exit on failure
rc = sqlite3_open(argv[1], &db);
if( rc ){
fprintf(stderr, "Can't open database: %s\n", sqlite3_errmsg(db));
sqlite3_close(db);
exit(1);
}
rc = sqlite3_exec(db, sql, callback, 0, &zErrMsg);
if( rc!=SQLITE_OK ){
fprintf(stderr, "SQL error: %s\n", zErrMsg);
sqlite3_free(zErrMsg);
}
// Close the database
sqlite3_close(db);
return 0;
}
General Certification : CPT Practical Submission
