Which of my Firefox passwords might have been compromised by Cloudflare’s memory leak?
Yesterday the internet learned that jq to extract all the sites I've used after Cloudflare implemented their fix, for completeness.
I use Firefox's password store.
Update 2017-02-24: Cloudflare says the high-risk period.
Update: Cloudflare says the high-risk period.
Update 2017-02-24: Cloudflare says the high-risk period.
Update 2017-02-24: Now actually checks if each identified site currently uses Cloudflare, and uses later date to only check sites in high-risk period started 2017-02-13, a.k.a. 1486944000000, so I'll use that instead.
hostname
when necessary.hostname
when necessary.{ "id": 143, "hostname": "http://www.rootthisbox.org", "httpRealm": null, "formSubmitURL": "", "usernameField": "username", "passwordField": "password", "encryptedUsername": "MDIEEPgAAAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwcECAMJUfZKgrK7BAiRTVgGoasjtQ==", "encryptedPassword": "MDoEEPgAAAAAAAAAAAAAAAAAAAEwFAYIKoZIhvcNAwcECFO7y5x4sEYABBBfmQoVWkou3+rOwf3NxaKs", "guid": "{3c55e276-e-b4e6-225f36b285a3}", "encType": 1, "timeCreated": 1318635013122, "timeLastUsed": 1318635013122, "timePasswordChanged": 1318635013122, "timesUsed": 1 },
If there's any output, those are the sites where I sent one of those passwords to the site during the affected time window:
- I'm5 -- "$url" \
| grep cloudflare-nginx && echo "$url"; \
done
I want a list of sites where you might want to change all of them. Here's what an example entry looks like, chosen for being one I don't particularly care about if someone somehow manages to decrypt it, and also irony:
cat ~/.mozilla/firefox/*.default/logins.json on my Linux box, where the
*
is a random prefix specific to my profile. Here's what an example entry looks like, chosen for being one I don't want to consider changing your password.
No comments yet.
Self-service commenting is not yet reimplemented after the Wordpress migration, sorry! For now, you can respond by email; please indicate whether you're OK with having your response posted publicly (and if so, under what name).