CalvinBackup/HackBrowserData
1
0
Fork 0
mirror of https://github.com/moonD4rk/HackBrowserData.git synced 2026-05-27 19:22:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: strip host_key prefix from Chrome 130+ cookie values (#526)

Browse Source 
* fix: strip SHA256(host_key) prefix from Chrome 130+ cookie values

Chrome 130 (Cookie DB schema v24) prepends SHA256(domain) to cookie
values before encryption to prevent cross-domain replay attacks.
After decryption, this 32-byte hash must be verified and stripped.

Changes:
- Add stripCookieHash() that verifies SHA256(host_key) and strips
  the prefix only when it matches (auto-compatible with older Chrome)
- Fix edge case: cookies with empty values (exactly 32 bytes = hash only)
- Add decrypt_test.go with v10 round-trip encryption/decryption test
- Add stripCookieHash test cases for v24+, older Chrome, empty values,
  short values, and host mismatch scenarios

Closes #524

* fix: strip SHA256(host_key) prefix from Chrome 130+ cookie values

Chrome 130 (Cookie DB schema v24) prepends SHA256(domain) to cookie
values before encryption to prevent cross-domain replay attacks.
After decryption, this 32-byte hash must be verified and stripped.

Changes:
- Add stripCookieHash() that verifies SHA256(host_key) and strips
  the prefix only when it matches (auto-compatible with older Chrome)
- Fix edge case: cookies with empty values (exactly 32 bytes = hash only)
- Add table-driven decrypt tests for v10/v20/DPAPI per platform
- Add Windows-specific DPAPI round-trip test using CryptProtectData
- Add shared testAESKey constant in testutil_test.go
- Add stripCookieHash tests for v24+, older Chrome, empty values,
  short values, and host mismatch scenarios
- Extend lint CI to run on ubuntu, windows, and macos

Closes #524

* fix: remove DPAPI test from darwin/linux (returns nil on Linux)

DecryptWithDPAPI returns nil error on Linux (silent no-op) but error
on macOS, causing the test to fail on Ubuntu CI. DPAPI round-trip
testing is properly covered in decrypt_windows_test.go.

* fix: resolve Windows CI lint errors exposed by multi-platform lint

- Add _ = before windows.CloseHandle calls to satisfy errcheck
- Add build tag to params.go (only used on macOS/Linux, not Windows)

* fix: add .gitattributes to force LF and refactor cookie tests

- Add .gitattributes with `* text=auto eol=lf` to prevent CRLF
  conversion on Windows CI causing gofumpt false positives
- Add .gitattributes to .gitignore whitelist
- Refactor stripCookieHash tests into table-driven style

* fix: address Copilot review on decrypt tests

- Assert error on wrong key instead of ignoring it (AES-CBC returns
  padding error, not silent empty result)
- Guard empty plaintext in encryptWithDPAPI to prevent nil pointer panic
- Convert uint32 to int for make/copy slice bounds in Windows test

* fix: assert specific error message in wrong key decrypt test
This commit is contained in:
Roger
2026-03-29 22:40:38 +08:00
committed by moonD4rk
parent b3dd4ed6e4
commit 2c4e871e59
10 changed files with 249 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitattributes
+4
View File
@@ -0,0 +1,4 @@
# Force LF line endings for all text files.
# Prevents gofmt/gofumpt/goimports CRLF false positives on Windows CI.
# See: golangci/golangci-lint#580, golang/go#16355
* text=auto eol=lf
.github/workflows/lint.yml
+6 -2
View File
@@ -11,8 +11,11 @@ permissions:
jobs: jobs:
lint: lint:
name: Lint name: Lint (${{ matrix.os }})
runs-on: ubuntu-latest runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
steps: steps:
- uses: actions/checkout@v5 - uses: actions/checkout@v5
@@ -21,6 +24,7 @@ jobs:
go-version-file: go.mod go-version-file: go.mod
- name: Check spelling - name: Check spelling
if: matrix.os == 'ubuntu-latest'
uses: crate-ci/typos@master uses: crate-ci/typos@master
with: with:
config: ./.typos.toml config: ./.typos.toml
.gitignore
+1
View File
@@ -12,6 +12,7 @@
!go.sum !go.sum
# === Project root config === # === Project root config ===
!.gitattributes
!.gitignore !.gitignore
!.golangci.yml !.golangci.yml
!.goreleaser.yml !.goreleaser.yml
browser/chromium/decrypt_test.go
+64
View File
@@ -0,0 +1,64 @@
//go:build darwin || linux
package chromium
import (
"bytes"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/moond4rk/hackbrowserdata/crypto"
)
// testCBCIV is the fixed IV Chrome uses on macOS/Linux (16 space bytes).
var testCBCIV = bytes.Repeat([]byte{0x20}, 16)
func TestDecryptValue_V10(t *testing.T) {
plaintext := []byte("test_secret_value")
encrypted, err := crypto.AES128CBCEncrypt(testAESKey, testCBCIV, plaintext)
require.NoError(t, err)
v10Ciphertext := append([]byte("v10"), encrypted...)
tests := []struct {
name string
key []byte
want []byte
wantErrMsg string // empty = no error expected
}{
{
name: "decrypts correctly",
key: testAESKey,
want: plaintext,
},
{
name: "wrong key returns padding error",
key: []byte("wrong_key_1234!!"),
wantErrMsg: "pkcs5UnPadding",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := decryptValue(tt.key, v10Ciphertext)
if tt.wantErrMsg != "" {
require.Error(t, err)
assert.Contains(t, err.Error(), tt.wantErrMsg)
assert.Nil(t, got)
return
}
require.NoError(t, err)
assert.Equal(t, tt.want, got)
})
}
}
func TestDecryptValue_V20(t *testing.T) {
// v20 App-Bound Encryption is not yet implemented.
// TODO: add successful decryption cases when implemented.
ciphertext := append([]byte("v20"), make([]byte, 32)...)
_, err := decryptValue(nil, ciphertext)
require.Error(t, err)
assert.Contains(t, err.Error(), "v20")
}
browser/chromium/decrypt_windows_test.go
+83
View File
@@ -0,0 +1,83 @@
//go:build windows
package chromium
import (
"fmt"
"syscall"
"testing"
"unsafe"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/moond4rk/hackbrowserdata/crypto"
)
// encryptWithDPAPI encrypts data using Windows DPAPI (CryptProtectData).
// This is the reverse of crypto.DecryptWithDPAPI, used only for testing.
func encryptWithDPAPI(plaintext []byte) ([]byte, error) {
crypt32 := syscall.NewLazyDLL("Crypt32.dll")
kernel32 := syscall.NewLazyDLL("Kernel32.dll")
protectDataProc := crypt32.NewProc("CryptProtectData")
localFreeProc := kernel32.NewProc("LocalFree")
var inBlob struct {
cbData uint32
pbData *byte
}
inBlob.cbData = uint32(len(plaintext))
if len(plaintext) > 0 {
inBlob.pbData = &plaintext[0]
}
var outBlob struct {
cbData uint32
pbData *byte
}
r, _, err := protectDataProc.Call(
uintptr(unsafe.Pointer(&inBlob)),
0, 0, 0, 0, 0,
uintptr(unsafe.Pointer(&outBlob)),
)
if r == 0 {
return nil, fmt.Errorf("CryptProtectData failed: %w", err)
}
defer localFreeProc.Call(uintptr(unsafe.Pointer(outBlob.pbData)))
size := int(outBlob.cbData)
result := make([]byte, size)
copy(result, (*[1 << 30]byte)(unsafe.Pointer(outBlob.pbData))[:size])
return result, nil
}
func TestDecryptValue_V10_Windows(t *testing.T) {
// Windows uses AES-GCM for v10 (not AES-CBC like macOS/Linux)
plaintext := []byte("test_secret_value")
nonce := []byte("123456789012") // 12-byte nonce
encrypted, err := crypto.AESGCMEncrypt(testAESKey, nonce, plaintext)
require.NoError(t, err)
// v10 format on Windows: "v10" + nonce(12) + encrypted
ciphertext := append([]byte("v10"), append(nonce, encrypted...)...)
got, err := decryptValue(testAESKey, ciphertext)
require.NoError(t, err)
assert.Equal(t, plaintext, got)
}
func TestDecryptValue_DPAPI_Windows(t *testing.T) {
// Round-trip: encrypt with CryptProtectData, decrypt with decryptValue
plaintext := []byte("dpapi_test_secret")
encrypted, err := encryptWithDPAPI(plaintext)
require.NoError(t, err)
require.NotEmpty(t, encrypted)
// No v10/v20 prefix → decryptValue routes to DPAPI path
got, err := decryptValue(nil, encrypted)
require.NoError(t, err)
assert.Equal(t, plaintext, got)
}
browser/chromium/extract_cookie.go
+19
View File
@@ -1,6 +1,8 @@
package chromium package chromium
import ( import (
"bytes"
"crypto/sha256"
"database/sql" "database/sql"
"sort" "sort"
@@ -30,6 +32,7 @@ func extractCookies(masterKey []byte, path string) ([]types.CookieEntry, error)
} }
value, _ := decryptValue(masterKey, encryptedValue) value, _ := decryptValue(masterKey, encryptedValue)
value = stripCookieHash(value, host)
return types.CookieEntry{ return types.CookieEntry{
Name: name, Name: name,
Host: host, Host: host,
@@ -50,3 +53,19 @@ func extractCookies(masterKey []byte, path string) ([]types.CookieEntry, error)
}) })
return cookies, nil return cookies, nil
} }
// stripCookieHash removes the SHA256(host_key) prefix from a decrypted cookie value.
// Chrome 130+ (Cookie DB schema version 24) prepends SHA256(domain) to the cookie
// value before encryption to prevent cross-domain cookie replay attacks.
// If the first 32 bytes don't match SHA256(hostKey), the value is returned unchanged,
// which handles both older Chrome versions and tampered data.
func stripCookieHash(value []byte, hostKey string) []byte {
if len(value) < sha256.Size {
return value
}
hash := sha256.Sum256([]byte(hostKey))
if bytes.Equal(value[:sha256.Size], hash[:]) {
return value[sha256.Size:] // empty slice if value was exactly 32 bytes
}
return value
}
browser/chromium/extract_cookie_test.go
+58 -5
View File
@@ -1,6 +1,7 @@
package chromium package chromium
import ( import (
"crypto/sha256"
"testing" "testing"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
@@ -25,11 +26,63 @@ func TestExtractCookies(t *testing.T) {
assert.Equal(t, "token", got[0].Name) assert.Equal(t, "token", got[0].Name)
assert.Equal(t, "/api", got[0].Path) assert.Equal(t, "/api", got[0].Path)
assert.True(t, got[0].IsSecure) assert.True(t, got[0].IsSecure)
assert.False(t, got[0].IsHTTPOnly) // httpOnly=0 assert.False(t, got[0].IsHTTPOnly)
assert.False(t, got[0].CreatedAt.IsZero()) assert.False(t, got[0].CreatedAt.IsZero())
assert.False(t, got[0].ExpireAt.IsZero())
assert.True(t, got[0].ExpireAt.After(got[0].CreatedAt)) assert.True(t, got[0].ExpireAt.After(got[0].CreatedAt))
assert.True(t, got[1].IsHTTPOnly)
// Verify second cookie flags }
assert.True(t, got[1].IsHTTPOnly) // httpOnly=1
func TestStripCookieHash(t *testing.T) {
googleHash := sha256.Sum256([]byte(".google.com"))
shopifyHash := sha256.Sum256([]byte(".shopify.com"))
tests := []struct {
name string
value []byte
hostKey string
want string
}{
{
name: "Chrome 130+ strips SHA256 prefix",
value: append(googleHash[:], []byte("GA1.3.240937927.1770097858")...),
hostKey: ".google.com",
want: "GA1.3.240937927.1770097858",
},
{
name: "Chrome 130+ empty original value",
value: shopifyHash[:],
hostKey: ".shopify.com",
want: "",
},
{
name: "older Chrome no prefix",
value: []byte("plain_cookie_value"),
hostKey: ".example.com",
want: "plain_cookie_value",
},
{
name: "short value unchanged",
value: []byte("short"),
hostKey: ".example.com",
want: "short",
},
{
name: "host mismatch not stripped",
value: append(googleHash[:], []byte("value")...),
hostKey: ".other.com",
want: string(append(googleHash[:], []byte("value")...)),
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got := stripCookieHash(tt.value, tt.hostKey)
assert.Equal(t, tt.want, string(got))
})
}
}
func TestStripCookieHash_NilValue(t *testing.T) {
got := stripCookieHash(nil, ".example.com")
assert.Nil(t, got)
} }
browser/chromium/testutil_test.go
+8
View File
@@ -12,6 +12,14 @@ import (
_ "modernc.org/sqlite" _ "modernc.org/sqlite"
) )
// ---------------------------------------------------------------------------
// Shared test constants for Chromium encryption.
// Reusable across decrypt, cookie, password, and creditcard tests.
// ---------------------------------------------------------------------------
// testAESKey is a 16-byte AES-128 key for constructing test ciphertext.
var testAESKey = []byte("0123456789abcdef")
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
// Real Chrome table schemas — extracted via `sqlite3 <db> ".schema <table>"`. // Real Chrome table schemas — extracted via `sqlite3 <db> ".schema <table>"`.
// Using complete schemas ensures our SQL queries work against real browser data. // Using complete schemas ensures our SQL queries work against real browser data.
crypto/keyretriever/params.go
+2
View File
@@ -1,3 +1,5 @@
//go:build darwin || linux
package keyretriever package keyretriever
import ( import (
filemanager/copy_windows.go
+4 -4
View File
@@ -127,7 +127,7 @@ func findFileHandle(targetPath string) (windows.Handle, error) {
0, false, 0, false,
windows.DUPLICATE_SAME_ACCESS, windows.DUPLICATE_SAME_ACCESS,
) )
windows.CloseHandle(process) _ = windows.CloseHandle(process)
if err != nil { if err != nil {
continue continue
} }
@@ -135,21 +135,21 @@ func findFileHandle(targetPath string) (windows.Handle, error) {
// Verify it's a disk file (not a pipe, device, etc.) // Verify it's a disk file (not a pipe, device, etc.)
fileType, _, _ := procGetFileType.Call(uintptr(dupHandle)) fileType, _, _ := procGetFileType.Call(uintptr(dupHandle))
if fileType != fileTypeDisk { if fileType != fileTypeDisk {
windows.CloseHandle(dupHandle) _ = windows.CloseHandle(dupHandle)
continue continue
} }
// Get the file path and check if it matches our target // Get the file path and check if it matches our target
name, err := getFinalPathName(dupHandle) name, err := getFinalPathName(dupHandle)
if err != nil { if err != nil {
windows.CloseHandle(dupHandle) _ = windows.CloseHandle(dupHandle)
continue continue
} }
if strings.HasSuffix(strings.ToLower(name), targetSuffix) { if strings.HasSuffix(strings.ToLower(name), targetSuffix) {
return dupHandle, nil return dupHandle, nil
} }
windows.CloseHandle(dupHandle) _ = windows.CloseHandle(dupHandle)
} }
return 0, fmt.Errorf("no process has file open: %s", targetPath) return 0, fmt.Errorf("no process has file open: %s", targetPath)