mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-05-19 18:58:03 +02:00
fix: firefox password decryption failure, Close #70
This commit is contained in:
moond4rk
+17
-12
@@ -598,29 +598,28 @@ func (p *passwords) FirefoxParse() error {
|
||||
return err
|
||||
}
|
||||
keyLin := []byte{248, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}
|
||||
meta, err := decrypt.DecodeMeta(metaBytes)
|
||||
metaPBE, err := decrypt.NewASN1PBE(metaBytes)
|
||||
if err != nil {
|
||||
log.Error("decrypt meta data failed", err)
|
||||
return err
|
||||
}
|
||||
// default master password is empty
|
||||
var masterPwd []byte
|
||||
m, err := decrypt.Meta(globalSalt, masterPwd, meta)
|
||||
k, err := metaPBE.Decrypt(globalSalt, masterPwd)
|
||||
if err != nil {
|
||||
log.Error("decrypt firefox meta failed", err)
|
||||
log.Error("decrypt firefox meta bytes failed", err)
|
||||
return err
|
||||
}
|
||||
if bytes.Contains(m, []byte("password-check")) {
|
||||
if bytes.Contains(k, []byte("password-check")) {
|
||||
log.Debug("password-check success")
|
||||
m := bytes.Compare(nssA102, keyLin)
|
||||
if m == 0 {
|
||||
var nss interface{}
|
||||
nss, err = decrypt.DecodeNss(nssA11)
|
||||
nssPBE, err := decrypt.NewASN1PBE(nssA11)
|
||||
if err != nil {
|
||||
log.Error("decode firefox nssA11 bytes failed", err)
|
||||
return err
|
||||
}
|
||||
|
||||
finallyKey, err := decrypt.Nss(globalSalt, masterPwd, nss)
|
||||
finallyKey, err := nssPBE.Decrypt(globalSalt, masterPwd)
|
||||
finallyKey = finallyKey[:24]
|
||||
if err != nil {
|
||||
log.Error("get firefox finally key failed")
|
||||
@@ -631,13 +630,19 @@ func (p *passwords) FirefoxParse() error {
|
||||
return err
|
||||
}
|
||||
for _, v := range allLogins {
|
||||
userPBE, _ := decrypt.DecodeLogin(v.encryptUser)
|
||||
pwdPBE, _ := decrypt.DecodeLogin(v.encryptPass)
|
||||
user, err := decrypt.Des3Decrypt(finallyKey, userPBE.Iv, userPBE.Encrypted)
|
||||
userPBE, err := decrypt.NewASN1PBE(v.encryptUser)
|
||||
if err != nil {
|
||||
log.Error("decode firefox user bytes failed", err)
|
||||
}
|
||||
pwdPBE, err := decrypt.NewASN1PBE(v.encryptPass)
|
||||
if err != nil {
|
||||
log.Error("decode firefox password bytes failed", err)
|
||||
}
|
||||
user, err := userPBE.Decrypt(finallyKey, masterPwd)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
}
|
||||
pwd, err := decrypt.Des3Decrypt(finallyKey, pwdPBE.Iv, pwdPBE.Encrypted)
|
||||
pwd, err := pwdPBE.Decrypt(finallyKey, masterPwd)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
}
|
||||
|
||||
+147
-10
@@ -4,18 +4,160 @@ import (
|
||||
"crypto/aes"
|
||||
"crypto/cipher"
|
||||
"crypto/des"
|
||||
"crypto/hmac"
|
||||
"crypto/sha1"
|
||||
"crypto/sha256"
|
||||
"encoding/asn1"
|
||||
"errors"
|
||||
|
||||
"hack-browser-data/log"
|
||||
|
||||
"golang.org/x/crypto/pbkdf2"
|
||||
)
|
||||
|
||||
var (
|
||||
errSecurityKeyIsEmpty = errors.New("input [security find-generic-password -wa 'Chrome'] in terminal")
|
||||
errPasswordIsEmpty = errors.New("password is empty")
|
||||
errDecryptFailed = errors.New("decrypt failed, password is empty")
|
||||
errDecodeASN1Failed = errors.New("decode ASN1 data failed")
|
||||
)
|
||||
|
||||
type ASN1PBE interface {
|
||||
Decrypt(globalSalt, masterPwd []byte) (key []byte, err error)
|
||||
}
|
||||
|
||||
func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) {
|
||||
var (
|
||||
n NssPBE
|
||||
m MetaPBE
|
||||
l LoginPBE
|
||||
)
|
||||
if _, err := asn1.Unmarshal(b, &n); err == nil {
|
||||
return n, nil
|
||||
}
|
||||
if _, err := asn1.Unmarshal(b, &m); err == nil {
|
||||
return m, nil
|
||||
}
|
||||
if _, err := asn1.Unmarshal(b, &l); err == nil {
|
||||
return l, nil
|
||||
}
|
||||
return nil, errDecodeASN1Failed
|
||||
}
|
||||
|
||||
/* NSS Struct
|
||||
SEQUENCE (2 elem)
|
||||
SEQUENCE (2 elem)
|
||||
OBJECT IDENTIFIER
|
||||
SEQUENCE (2 elem)
|
||||
OCTET STRING (20 byte)
|
||||
INTEGER 1
|
||||
OCTET STRING (16 byte)
|
||||
*/
|
||||
type NssPBE struct {
|
||||
NssSequenceA
|
||||
Encrypted []byte
|
||||
}
|
||||
|
||||
type NssSequenceA struct {
|
||||
DecryptMethod asn1.ObjectIdentifier
|
||||
NssSequenceB
|
||||
}
|
||||
|
||||
type NssSequenceB struct {
|
||||
EntrySalt []byte
|
||||
Len int
|
||||
}
|
||||
|
||||
func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
|
||||
// byte[] GLMP; // GlobalSalt + MasterPassword
|
||||
// byte[] HP; // SHA1(GLMP)
|
||||
// byte[] HPES; // HP + EntrySalt
|
||||
// byte[] CHP; // SHA1(HPES)
|
||||
// byte[] PES; // EntrySalt completed to 20 bytes by zero
|
||||
// byte[] PESES; // PES + EntrySalt
|
||||
// byte[] k1;
|
||||
// byte[] tk;
|
||||
// byte[] k2;
|
||||
// byte[] k; // final value containing key and iv
|
||||
glmp := append(globalSalt, masterPwd...)
|
||||
hp := sha1.Sum(glmp)
|
||||
s := append(hp[:], n.EntrySalt...)
|
||||
chp := sha1.Sum(s)
|
||||
pes := PaddingZero(n.EntrySalt, 20)
|
||||
tk := hmac.New(sha1.New, chp[:])
|
||||
tk.Write(pes)
|
||||
pes = append(pes, n.EntrySalt...)
|
||||
k1 := hmac.New(sha1.New, chp[:])
|
||||
k1.Write(pes)
|
||||
tkPlus := append(tk.Sum(nil), n.EntrySalt...)
|
||||
k2 := hmac.New(sha1.New, chp[:])
|
||||
k2.Write(tkPlus)
|
||||
k := append(k1.Sum(nil), k2.Sum(nil)...)
|
||||
iv := k[len(k)-8:]
|
||||
log.Debug("get firefox pbe key and iv success")
|
||||
return des3Decrypt(k[:24], iv, n.Encrypted)
|
||||
}
|
||||
|
||||
/* META Struct
|
||||
SEQUENCE (2 elem)
|
||||
SEQUENCE (2 elem)
|
||||
OBJECT IDENTIFIER
|
||||
SEQUENCE (2 elem)
|
||||
SEQUENCE (2 elem)
|
||||
OBJECT IDENTIFIER
|
||||
SEQUENCE (4 elem)
|
||||
OCTET STRING (32 byte)
|
||||
INTEGER 1
|
||||
INTEGER 32
|
||||
SEQUENCE (1 elem)
|
||||
OBJECT IDENTIFIER
|
||||
SEQUENCE (2 elem)
|
||||
OBJECT IDENTIFIER
|
||||
OCTET STRING (14 byte)
|
||||
OCTET STRING (16 byte)
|
||||
*/
|
||||
type MetaPBE struct {
|
||||
MetaSequenceA
|
||||
Encrypted []byte
|
||||
}
|
||||
|
||||
type MetaSequenceA struct {
|
||||
PKCS5PBES2 asn1.ObjectIdentifier
|
||||
MetaSequenceB
|
||||
}
|
||||
type MetaSequenceB struct {
|
||||
MetaSequenceC
|
||||
MetaSequenceD
|
||||
}
|
||||
|
||||
type MetaSequenceC struct {
|
||||
PKCS5PBKDF2 asn1.ObjectIdentifier
|
||||
MetaSequenceE
|
||||
}
|
||||
|
||||
type MetaSequenceD struct {
|
||||
AES256CBC asn1.ObjectIdentifier
|
||||
IV []byte
|
||||
}
|
||||
|
||||
type MetaSequenceE struct {
|
||||
EntrySalt []byte
|
||||
IterationCount int
|
||||
KeySize int
|
||||
MetaSequenceF
|
||||
}
|
||||
|
||||
type MetaSequenceF struct {
|
||||
HMACWithSHA256 asn1.ObjectIdentifier
|
||||
}
|
||||
|
||||
func (m MetaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error) {
|
||||
k := sha1.Sum(globalSalt)
|
||||
key := pbkdf2.Key(k[:], m.EntrySalt, m.IterationCount, m.KeySize, sha256.New)
|
||||
iv := append([]byte{4, 14}, m.IV...)
|
||||
return aes128CBCDecrypt(key, iv, m.Encrypted)
|
||||
}
|
||||
|
||||
func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) {
|
||||
block, err := aes.NewCipher(key)
|
||||
if err != nil {
|
||||
@@ -35,7 +177,7 @@ func PKCS5UnPadding(src []byte) []byte {
|
||||
}
|
||||
|
||||
// Des3Decrypt use for decrypt firefox PBE
|
||||
func Des3Decrypt(key, iv []byte, src []byte) ([]byte, error) {
|
||||
func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) {
|
||||
block, err := des.NewTripleDESCipher(key)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
@@ -69,20 +211,15 @@ SEQUENCE (3 elem)
|
||||
*/
|
||||
type LoginPBE struct {
|
||||
CipherText []byte
|
||||
SequenceLogin
|
||||
LoginSequence
|
||||
Encrypted []byte
|
||||
}
|
||||
|
||||
type SequenceLogin struct {
|
||||
type LoginSequence struct {
|
||||
asn1.ObjectIdentifier
|
||||
Iv []byte
|
||||
}
|
||||
|
||||
func DecodeLogin(decodeItem []byte) (pbe LoginPBE, err error) {
|
||||
_, err = asn1.Unmarshal(decodeItem, &pbe)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
return
|
||||
}
|
||||
return pbe, nil
|
||||
func (l LoginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
|
||||
return des3Decrypt(globalSalt, l.Iv, l.Encrypted)
|
||||
}
|
||||
|
||||
@@ -1,116 +1,17 @@
|
||||
package decrypt
|
||||
|
||||
import (
|
||||
"crypto/hmac"
|
||||
"crypto/sha1"
|
||||
"encoding/asn1"
|
||||
|
||||
"hack-browser-data/log"
|
||||
)
|
||||
|
||||
var (
|
||||
chromeIV = []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
|
||||
)
|
||||
|
||||
func ChromePass(key, encryptPass []byte) ([]byte, error) {
|
||||
if len(encryptPass) > 3 {
|
||||
if len(key) == 0 {
|
||||
return nil, errSecurityKeyIsEmpty
|
||||
}
|
||||
m, err := aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
|
||||
return m, err
|
||||
var chromeIV = []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
|
||||
return aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
|
||||
} else {
|
||||
return nil, errDecryptFailed
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
SEQUENCE (2 elem)
|
||||
SEQUENCE (2 elem)
|
||||
OBJECT IDENTIFIER
|
||||
SEQUENCE (2 elem)
|
||||
OCTET STRING (20 byte)
|
||||
INTEGER 1
|
||||
OCTET STRING (16 byte)
|
||||
*/
|
||||
|
||||
type NssPBE struct {
|
||||
SequenceA
|
||||
Encrypted []byte
|
||||
}
|
||||
|
||||
type MetaPBE struct {
|
||||
SequenceA
|
||||
Encrypted []byte
|
||||
}
|
||||
|
||||
type SequenceA struct {
|
||||
DecryptMethod asn1.ObjectIdentifier
|
||||
SequenceB
|
||||
}
|
||||
|
||||
type SequenceB struct {
|
||||
EntrySalt []byte
|
||||
Len int
|
||||
}
|
||||
|
||||
func DecodeMeta(metaBytes []byte) (pbe MetaPBE, err error) {
|
||||
_, err = asn1.Unmarshal(metaBytes, &pbe)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
return
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func DPApi(data []byte) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func DecodeNss(nssA11Bytes []byte) (pbe NssPBE, err error) {
|
||||
_, err = asn1.Unmarshal(nssA11Bytes, &pbe)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
return
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func Meta(globalSalt, masterPwd []byte, pbe MetaPBE) ([]byte, error) {
|
||||
return decryptPBE(globalSalt, masterPwd, pbe.EntrySalt, pbe.Encrypted)
|
||||
}
|
||||
|
||||
func Nss(globalSalt, masterPwd []byte, pbe NssPBE) ([]byte, error) {
|
||||
return decryptPBE(globalSalt, masterPwd, pbe.EntrySalt, pbe.Encrypted)
|
||||
}
|
||||
|
||||
func decryptPBE(globalSalt, masterPwd, entrySalt, encrypted []byte) ([]byte, error) {
|
||||
// byte[] GLMP; // GlobalSalt + MasterPassword
|
||||
// byte[] HP; // SHA1(GLMP)
|
||||
// byte[] HPES; // HP + EntrySalt
|
||||
// byte[] CHP; // SHA1(HPES)
|
||||
// byte[] PES; // EntrySalt completed to 20 bytes by zero
|
||||
// byte[] PESES; // PES + EntrySalt
|
||||
// byte[] k1;
|
||||
// byte[] tk;
|
||||
// byte[] k2;
|
||||
// byte[] k; // final value containing key and iv
|
||||
glmp := append(globalSalt, masterPwd...)
|
||||
hp := sha1.Sum(glmp)
|
||||
s := append(hp[:], entrySalt...)
|
||||
chp := sha1.Sum(s)
|
||||
pes := PaddingZero(entrySalt, 20)
|
||||
tk := hmac.New(sha1.New, chp[:])
|
||||
tk.Write(pes)
|
||||
pes = append(pes, entrySalt...)
|
||||
k1 := hmac.New(sha1.New, chp[:])
|
||||
k1.Write(pes)
|
||||
tkPlus := append(tk.Sum(nil), entrySalt...)
|
||||
k2 := hmac.New(sha1.New, chp[:])
|
||||
k2.Write(tkPlus)
|
||||
k := append(k1.Sum(nil), k2.Sum(nil)...)
|
||||
iv := k[len(k)-8:]
|
||||
key := k[:24]
|
||||
log.Debug("get firefox pbe key and iv success")
|
||||
return Des3Decrypt(key, iv, encrypted)
|
||||
}
|
||||
|
||||
@@ -1,29 +1,12 @@
|
||||
package decrypt
|
||||
|
||||
import (
|
||||
"crypto/hmac"
|
||||
"crypto/sha1"
|
||||
"crypto/sha256"
|
||||
"encoding/asn1"
|
||||
"encoding/hex"
|
||||
"errors"
|
||||
|
||||
"hack-browser-data/log"
|
||||
|
||||
"golang.org/x/crypto/pbkdf2"
|
||||
)
|
||||
|
||||
var (
|
||||
chromeIV = []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
|
||||
)
|
||||
|
||||
func ChromePass(key, encryptPass []byte) ([]byte, error) {
|
||||
var chromeIV = []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
|
||||
if len(encryptPass) > 3 {
|
||||
if len(key) == 0 {
|
||||
return nil, errSecurityKeyIsEmpty
|
||||
}
|
||||
m, err := aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
|
||||
return m, err
|
||||
return aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
|
||||
} else {
|
||||
return nil, errDecryptFailed
|
||||
}
|
||||
@@ -32,146 +15,3 @@ func ChromePass(key, encryptPass []byte) ([]byte, error) {
|
||||
func DPApi(data []byte) ([]byte, error) {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
/*
|
||||
SEQUENCE (2 elem)
|
||||
SEQUENCE (2 elem)
|
||||
OBJECT IDENTIFIER
|
||||
SEQUENCE (2 elem)
|
||||
OCTET STRING (20 byte)
|
||||
INTEGER 1
|
||||
OCTET STRING (16 byte)
|
||||
*/
|
||||
type MetaPBE struct {
|
||||
SequenceA
|
||||
Encrypted []byte
|
||||
}
|
||||
|
||||
type SequenceA struct {
|
||||
DecryptMethod asn1.ObjectIdentifier
|
||||
SequenceB
|
||||
}
|
||||
|
||||
type SequenceB struct {
|
||||
EntrySalt []byte
|
||||
Len int
|
||||
}
|
||||
|
||||
type NssPBE struct {
|
||||
SequenceNSSA
|
||||
Encrypted []byte
|
||||
}
|
||||
|
||||
type SequenceNSSA struct {
|
||||
PKCS5PBES2 asn1.ObjectIdentifier
|
||||
SequenceNSSB
|
||||
}
|
||||
type SequenceNSSB struct {
|
||||
SequenceC
|
||||
SequenceD
|
||||
}
|
||||
|
||||
type SequenceC struct {
|
||||
PKCS5PBKDF2 asn1.ObjectIdentifier
|
||||
SequenceE
|
||||
}
|
||||
|
||||
type SequenceD struct {
|
||||
AES256CBC asn1.ObjectIdentifier
|
||||
IV []byte
|
||||
}
|
||||
|
||||
type SequenceE struct {
|
||||
EntrySalt []byte
|
||||
IterationCount int
|
||||
KeySize int
|
||||
SequenceF
|
||||
}
|
||||
|
||||
type SequenceF struct {
|
||||
HMACWithSHA256 asn1.ObjectIdentifier
|
||||
}
|
||||
|
||||
func DecodeMeta(decodeItem []byte) (pbe MetaPBE, err error) {
|
||||
_, err = asn1.Unmarshal(decodeItem, &pbe)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
return
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func DecodeNss(nssA11Bytes []byte) (nss interface{}, err error) {
|
||||
var pbe NssPBE
|
||||
_, err = asn1.Unmarshal(nssA11Bytes, &pbe)
|
||||
|
||||
if err != nil {
|
||||
return DecodeMeta(nssA11Bytes)
|
||||
}
|
||||
|
||||
return pbe, err
|
||||
}
|
||||
|
||||
func Meta(globalSalt, masterPwd []byte, pbe MetaPBE) ([]byte, error) {
|
||||
return decryptMeta(globalSalt, masterPwd, pbe.EntrySalt, pbe.Encrypted)
|
||||
}
|
||||
|
||||
func Nss(globalSalt, masterPwd []byte, pbe interface{}) ([]byte, error) {
|
||||
switch pbe.(type) {
|
||||
case NssPBE:
|
||||
return decryptNss(globalSalt, masterPwd, pbe.(NssPBE).IV, pbe.(NssPBE).EntrySalt, pbe.(NssPBE).Encrypted, pbe.(NssPBE).IterationCount, pbe.(NssPBE).KeySize)
|
||||
case MetaPBE:
|
||||
return decryptMeta(globalSalt, masterPwd, pbe.(MetaPBE).EntrySalt, pbe.(MetaPBE).Encrypted)
|
||||
default:
|
||||
return nil, errors.New("decrypt nss failed")
|
||||
}
|
||||
}
|
||||
|
||||
func decryptMeta(globalSalt, masterPwd, entrySalt, encrypted []byte) ([]byte, error) {
|
||||
// byte[] GLMP; // GlobalSalt + MasterPassword
|
||||
// byte[] HP; // SHA1(GLMP)
|
||||
// byte[] HPES; // HP + EntrySalt
|
||||
// byte[] CHP; // SHA1(HPES)
|
||||
// byte[] PES; // EntrySalt completed to 20 bytes by zero
|
||||
// byte[] PESES; // PES + EntrySalt
|
||||
// byte[] k1;
|
||||
// byte[] tk;
|
||||
// byte[] k2;
|
||||
// byte[] k; // final value conytaining key and iv
|
||||
glmp := append(globalSalt, masterPwd...)
|
||||
hp := sha1.Sum(glmp)
|
||||
s := append(hp[:], entrySalt...)
|
||||
chp := sha1.Sum(s)
|
||||
pes := PaddingZero(entrySalt, 20)
|
||||
tk := hmac.New(sha1.New, chp[:])
|
||||
tk.Write(pes)
|
||||
pes = append(pes, entrySalt...)
|
||||
k1 := hmac.New(sha1.New, chp[:])
|
||||
k1.Write(pes)
|
||||
tkPlus := append(tk.Sum(nil), entrySalt...)
|
||||
k2 := hmac.New(sha1.New, chp[:])
|
||||
k2.Write(tkPlus)
|
||||
k := append(k1.Sum(nil), k2.Sum(nil)...)
|
||||
iv := k[len(k)-8:]
|
||||
key := k[:24]
|
||||
log.Warnf("key=%s iv=%s", hex.EncodeToString(key), hex.EncodeToString(iv))
|
||||
return Des3Decrypt(key, iv, encrypted)
|
||||
}
|
||||
|
||||
func decryptNss(globalSalt, masterPwd, nssIv, entrySalt, encrypted []byte, iter, keySize int) ([]byte, error) {
|
||||
k := sha1.Sum(globalSalt)
|
||||
log.Debug(hex.EncodeToString(k[:]))
|
||||
key := pbkdf2.Key(k[:], entrySalt, iter, keySize, sha256.New)
|
||||
log.Debug(hex.EncodeToString(key))
|
||||
i, err := hex.DecodeString("040e")
|
||||
if err != nil {
|
||||
log.Debug(err)
|
||||
}
|
||||
// @https://hg.mozilla.org/projects/nss/rev/fc636973ad06392d11597620b602779b4af312f6#l6.49
|
||||
iv := append(i, nssIv...)
|
||||
dst, err := aes128CBCDecrypt(key, iv, encrypted)
|
||||
if err != nil {
|
||||
log.Debug(err)
|
||||
}
|
||||
return dst, err
|
||||
}
|
||||
|
||||
@@ -3,16 +3,8 @@ package decrypt
|
||||
import (
|
||||
"crypto/aes"
|
||||
"crypto/cipher"
|
||||
"crypto/sha1"
|
||||
"crypto/sha256"
|
||||
"encoding/asn1"
|
||||
"encoding/hex"
|
||||
"syscall"
|
||||
"unsafe"
|
||||
|
||||
"hack-browser-data/log"
|
||||
|
||||
"golang.org/x/crypto/pbkdf2"
|
||||
)
|
||||
|
||||
func ChromePass(key, encryptPass []byte) ([]byte, error) {
|
||||
@@ -76,87 +68,3 @@ func DPApi(data []byte) ([]byte, error) {
|
||||
defer procLocalFree.Call(uintptr(unsafe.Pointer(outBlob.pbData)))
|
||||
return outBlob.ToByteArray(), nil
|
||||
}
|
||||
|
||||
type NssPBE struct {
|
||||
SequenceA
|
||||
Encrypted []byte
|
||||
}
|
||||
|
||||
type MetaPBE struct {
|
||||
SequenceA
|
||||
Encrypted []byte
|
||||
}
|
||||
type SequenceA struct {
|
||||
PKCS5PBES2 asn1.ObjectIdentifier
|
||||
SequenceB
|
||||
}
|
||||
type SequenceB struct {
|
||||
SequenceC
|
||||
SequenceD
|
||||
}
|
||||
|
||||
type SequenceC struct {
|
||||
PKCS5PBKDF2 asn1.ObjectIdentifier
|
||||
SequenceE
|
||||
}
|
||||
|
||||
type SequenceD struct {
|
||||
AES256CBC asn1.ObjectIdentifier
|
||||
IV []byte
|
||||
}
|
||||
|
||||
type SequenceE struct {
|
||||
EntrySalt []byte
|
||||
IterationCount int
|
||||
KeySize int
|
||||
SequenceF
|
||||
}
|
||||
|
||||
type SequenceF struct {
|
||||
HMACWithSHA256 asn1.ObjectIdentifier
|
||||
}
|
||||
|
||||
func DecodeMeta(decodeItem []byte) (pbe MetaPBE, err error) {
|
||||
_, err = asn1.Unmarshal(decodeItem, &pbe)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
return
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func DecodeNss(nssA11Bytes []byte) (pbe NssPBE, err error) {
|
||||
log.Debug(hex.EncodeToString(nssA11Bytes))
|
||||
_, err = asn1.Unmarshal(nssA11Bytes, &pbe)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
return
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func Meta(globalSalt, masterPwd []byte, pbe MetaPBE) ([]byte, error) {
|
||||
return decryptMeta(globalSalt, masterPwd, pbe.IV, pbe.EntrySalt, pbe.Encrypted, pbe.IterationCount, pbe.KeySize)
|
||||
}
|
||||
|
||||
func Nss(globalSalt, masterPwd []byte, pbe NssPBE) ([]byte, error) {
|
||||
return decryptMeta(globalSalt, masterPwd, pbe.IV, pbe.EntrySalt, pbe.Encrypted, pbe.IterationCount, pbe.KeySize)
|
||||
}
|
||||
|
||||
func decryptMeta(globalSalt, masterPwd, nssIv, entrySalt, encrypted []byte, iter, keySize int) ([]byte, error) {
|
||||
k := sha1.Sum(globalSalt)
|
||||
log.Debug(hex.EncodeToString(k[:]))
|
||||
key := pbkdf2.Key(k[:], entrySalt, iter, keySize, sha256.New)
|
||||
log.Debug(hex.EncodeToString(key))
|
||||
i, err := hex.DecodeString("040e")
|
||||
if err != nil {
|
||||
log.Debug(err)
|
||||
}
|
||||
// @https://hg.mozilla.org/projects/nss/rev/fc636973ad06392d11597620b602779b4af312f6#l6.49
|
||||
iv := append(i, nssIv...)
|
||||
dst, err := aes128CBCDecrypt(key, iv, encrypted)
|
||||
if err != nil {
|
||||
log.Debug(err)
|
||||
}
|
||||
return dst, err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user