CalvinBackup/HackBrowserData
1
0
Fork 0
mirror of https://github.com/moonD4rk/HackBrowserData.git synced 2026-05-21 19:06:47 +02:00
Code Issues Packages Projects Releases Wiki Activity

refactor: add comments and format code style

Browse Source
This commit is contained in:
ᴍᴏᴏɴD4ʀᴋ
2022-08-14 01:18:28 +08:00
parent 77991605b2
commit 147d57e8f4
4 changed files with 100 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/decrypter/decrypter.go
+61 -43
View File
@@ -44,13 +44,13 @@ func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) {
} }
// nssPBE Struct // nssPBE Struct
// SEQUENCE (2 elem) //
// SEQUENCE (2 elem) // SEQUENCE (2 elem)
// OBJECT IDENTIFIER // OBJECT IDENTIFIER
// SEQUENCE (2 elem) // SEQUENCE (2 elem)
// OCTET STRING (20 byte) // OCTET STRING (20 byte)
// INTEGER 1 // INTEGER 1
// OCTET STRING (16 byte) // OCTET STRING (16 byte)
type nssPBE struct { type nssPBE struct {
AlgoAttr struct { AlgoAttr struct {
asn1.ObjectIdentifier asn1.ObjectIdentifier
@@ -62,10 +62,6 @@ type nssPBE struct {
Encrypted []byte Encrypted []byte
} }
func (n nssPBE) entrySalt() []byte {
return n.AlgoAttr.SaltAttr.EntrySalt
}
func (n nssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) { func (n nssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
glmp := append(globalSalt, masterPwd...) glmp := append(globalSalt, masterPwd...)
hp := sha1.Sum(glmp) hp := sha1.Sum(glmp)
@@ -82,26 +78,34 @@ func (n nssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
k2.Write(tkPlus) k2.Write(tkPlus)
k := append(k1.Sum(nil), k2.Sum(nil)...) k := append(k1.Sum(nil), k2.Sum(nil)...)
iv := k[len(k)-8:] iv := k[len(k)-8:]
return des3Decrypt(k[:24], iv, n.Encrypted) return des3Decrypt(k[:24], iv, n.encrypted())
}
func (n nssPBE) entrySalt() []byte {
return n.AlgoAttr.SaltAttr.EntrySalt
}
func (n nssPBE) encrypted() []byte {
return n.Encrypted
} }
// MetaPBE Struct // MetaPBE Struct
// SEQUENCE (2 elem) //
// SEQUENCE (2 elem) // SEQUENCE (2 elem)
// OBJECT IDENTIFIER // OBJECT IDENTIFIER
// SEQUENCE (2 elem) // SEQUENCE (2 elem)
// SEQUENCE (2 elem) // SEQUENCE (2 elem)
// OBJECT IDENTIFIER // OBJECT IDENTIFIER
// SEQUENCE (4 elem) // SEQUENCE (4 elem)
// OCTET STRING (32 byte) // OCTET STRING (32 byte)
// INTEGER 1 // INTEGER 1
// INTEGER 32 // INTEGER 32
// SEQUENCE (1 elem) // SEQUENCE (1 elem)
// OBJECT IDENTIFIER // OBJECT IDENTIFIER
// SEQUENCE (2 elem) // SEQUENCE (2 elem)
// OBJECT IDENTIFIER // OBJECT IDENTIFIER
// OCTET STRING (14 byte) // OCTET STRING (14 byte)
// OCTET STRING (16 byte) // OCTET STRING (16 byte)
type metaPBE struct { type metaPBE struct {
AlgoAttr algoAttr AlgoAttr algoAttr
Encrypted []byte Encrypted []byte
@@ -135,8 +139,8 @@ type slatAttr struct {
func (m metaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error) { func (m metaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error) {
k := sha1.Sum(globalSalt) k := sha1.Sum(globalSalt)
key := pbkdf2.Key(k[:], m.entrySalt(), m.iterationCount(), m.keySize(), sha256.New) key := pbkdf2.Key(k[:], m.entrySalt(), m.iterationCount(), m.keySize(), sha256.New)
iv := append([]byte{4, 14}, m.AlgoAttr.Data.IVData.IV...) iv := append([]byte{4, 14}, m.iv()...)
return aes128CBCDecrypt(key, iv, m.Encrypted) return aes128CBCDecrypt(key, iv, m.encrypted())
} }
func (m metaPBE) entrySalt() []byte { func (m metaPBE) entrySalt() []byte {
@@ -151,13 +155,21 @@ func (m metaPBE) keySize() int {
return m.AlgoAttr.Data.Data.SlatAttr.KeySize return m.AlgoAttr.Data.Data.SlatAttr.KeySize
} }
func (m metaPBE) iv() []byte {
return m.AlgoAttr.Data.IVData.IV
}
func (m metaPBE) encrypted() []byte {
return m.Encrypted
}
// loginPBE Struct // loginPBE Struct
// SEQUENCE (3 elem) //
// OCTET STRING (16 byte) // OCTET STRING (16 byte)
// SEQUENCE (2 elem) // SEQUENCE (2 elem)
// OBJECT IDENTIFIER // OBJECT IDENTIFIER
// OCTET STRING (8 byte) // OCTET STRING (8 byte)
// OCTET STRING (16 byte) // OCTET STRING (16 byte)
type loginPBE struct { type loginPBE struct {
CipherText []byte CipherText []byte
Data struct { Data struct {
@@ -168,7 +180,14 @@ type loginPBE struct {
} }
func (l loginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) { func (l loginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
return des3Decrypt(globalSalt, l.Data.IV, l.Encrypted) return des3Decrypt(globalSalt, l.iv(), l.encrypted())
}
func (l loginPBE) iv() []byte {
return l.Data.IV
}
func (l loginPBE) encrypted() []byte {
return l.Encrypted
} }
func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) { func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) {
@@ -197,7 +216,7 @@ func pkcs5UnPadding(src []byte, blockSize int) []byte {
return src[:n-paddingNum] return src[:n-paddingNum]
} }
// des3Decrypt use for decrypter firefox PBE // des3Decrypt use for decrypt firefox PBE
func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) { func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) {
block, err := des.NewTripleDESCipher(key) block, err := des.NewTripleDESCipher(key)
if err != nil { if err != nil {
@@ -213,10 +232,9 @@ func paddingZero(s []byte, l int) []byte {
h := l - len(s) h := l - len(s)
if h <= 0 { if h <= 0 {
return s return s
} else {
for i := len(s); i < l; i++ {
s = append(s, 0)
}
return s
} }
for i := len(s); i < l; i++ {
s = append(s, 0)
}
return s
} }
internal/decrypter/decrypter_darwin.go
+9 -9
View File
@@ -1,17 +1,17 @@
package decrypter package decrypter
func Chromium(key, encryptPass []byte) ([]byte, error) { func Chromium(key, encryptPass []byte) ([]byte, error) {
if len(encryptPass) > 3 { if len(encryptPass) <= 3 {
if len(key) == 0 { return nil, errPasswordIsEmpty
return nil, errSecurityKeyIsEmpty
}
chromeIV := []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
return aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
} else {
return nil, errDecryptFailed
} }
if len(key) == 0 {
return nil, errSecurityKeyIsEmpty
}
iv := []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
return aes128CBCDecrypt(key, iv, encryptPass[3:])
} }
func DPApi(data []byte) ([]byte, error) { func DPAPI(data []byte) ([]byte, error) {
return nil, nil return nil, nil
} }
internal/decrypter/decrypter_linux.go
+9 -9
View File
@@ -1,17 +1,17 @@
package decrypter package decrypter
func Chromium(key, encryptPass []byte) ([]byte, error) { func Chromium(key, encryptPass []byte) ([]byte, error) {
chromeIV := []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32} if len(encryptPass) < 3 {
if len(encryptPass) > 3 { return nil, errPasswordIsEmpty
if len(key) == 0 {
return nil, errSecurityKeyIsEmpty
}
return aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
} else {
return nil, errDecryptFailed
} }
if len(key) == 0 {
return nil, errSecurityKeyIsEmpty
}
chromeIV := []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
return aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
} }
func DPApi(data []byte) ([]byte, error) { func DPAPI(data []byte) ([]byte, error) {
return nil, nil return nil, nil
} }
internal/decrypter/decrypter_windows.go
+21 -14
View File
@@ -8,25 +8,29 @@ import (
) )
func Chromium(key, encryptPass []byte) ([]byte, error) { func Chromium(key, encryptPass []byte) ([]byte, error) {
if len(encryptPass) > 15 { if len(encryptPass) < 3 {
// remove Prefix 'v10'
return aesGCMDecrypt(encryptPass[15:], key, encryptPass[3:15])
} else {
return nil, errPasswordIsEmpty return nil, errPasswordIsEmpty
} }
if len(key) == 0 {
return nil, errSecurityKeyIsEmpty
}
return aesGCMDecrypt(encryptPass[15:], key, encryptPass[3:15])
} }
func ChromiumForYandex(key, encryptPass []byte) ([]byte, error) { func ChromiumForYandex(key, encryptPass []byte) ([]byte, error) {
if len(encryptPass) > 15 { if len(encryptPass) < 3 {
// remove Prefix 'v10'
// gcmBlockSize = 16
// gcmTagSize = 16
// gcmMinimumTagSize = 12 // NIST SP 800-38D recommends tags with 12 or more bytes.
// gcmStandardNonceSize = 12
return aesGCMDecrypt(encryptPass[12:], key, encryptPass[0:12])
} else {
return nil, errPasswordIsEmpty return nil, errPasswordIsEmpty
} }
if len(key) == 0 {
return nil, errSecurityKeyIsEmpty
}
// remove Prefix 'v10'
// gcmBlockSize = 16
// gcmTagSize = 16
// gcmMinimumTagSize = 12 // NIST SP 800-38D recommends tags with 12 or more bytes.
// gcmStandardNonceSize = 12
return aesGCMDecrypt(encryptPass[12:], key, encryptPass[0:12])
} }
// chromium > 80 https://source.chromium.org/chromium/chromium/src/+/master:components/os_crypt/os_crypt_win.cc // chromium > 80 https://source.chromium.org/chromium/chromium/src/+/master:components/os_crypt/os_crypt_win.cc
@@ -67,9 +71,12 @@ func (b *dataBlob) ToByteArray() []byte {
return d return d
} }
// DPApi // DPAPI (Data Protection Application Programming Interface)
// is a simple cryptographic application programming interface
// available as a built-in component in Windows 2000 and
// later versions of Microsoft Windows operating systems
// chrome < 80 https://chromium.googlesource.com/chromium/src/+/76f496a7235c3432983421402951d73905c8be96/components/os_crypt/os_crypt_win.cc#82 // chrome < 80 https://chromium.googlesource.com/chromium/src/+/76f496a7235c3432983421402951d73905c8be96/components/os_crypt/os_crypt_win.cc#82
func DPApi(data []byte) ([]byte, error) { func DPAPI(data []byte) ([]byte, error) {
dllCrypt := syscall.NewLazyDLL("Crypt32.dll") dllCrypt := syscall.NewLazyDLL("Crypt32.dll")
dllKernel := syscall.NewLazyDLL("Kernel32.dll") dllKernel := syscall.NewLazyDLL("Kernel32.dll")
procDecryptData := dllCrypt.NewProc("CryptUnprotectData") procDecryptData := dllCrypt.NewProc("CryptUnprotectData")