mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-05-23 19:14:01 +02:00
chore: update project layout
This commit is contained in:
moonD4rk
@@ -0,0 +1,152 @@
|
||||
package chromium
|
||||
|
||||
import (
|
||||
"io/fs"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
"github.com/moond4rk/HackBrowserData/browingdata"
|
||||
"github.com/moond4rk/HackBrowserData/item"
|
||||
"github.com/moond4rk/HackBrowserData/utils/fileutil"
|
||||
"github.com/moond4rk/HackBrowserData/utils/typeutil"
|
||||
)
|
||||
|
||||
type Chromium struct {
|
||||
name string
|
||||
storage string
|
||||
profilePath string
|
||||
masterKey []byte
|
||||
items []item.Item
|
||||
itemPaths map[item.Item]string
|
||||
}
|
||||
|
||||
// New create instance of Chromium browser, fill item's path if item is existed.
|
||||
func New(name, storage, profilePath string, items []item.Item) ([]*Chromium, error) {
|
||||
c := &Chromium{
|
||||
name: name,
|
||||
storage: storage,
|
||||
profilePath: profilePath,
|
||||
items: items,
|
||||
}
|
||||
multiItemPaths, err := c.getMultiItemPath(c.profilePath, c.items)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
chromiumList := make([]*Chromium, 0, len(multiItemPaths))
|
||||
for user, itemPaths := range multiItemPaths {
|
||||
chromiumList = append(chromiumList, &Chromium{
|
||||
name: fileutil.BrowserName(name, user),
|
||||
items: typeutil.Keys(itemPaths),
|
||||
itemPaths: itemPaths,
|
||||
storage: storage,
|
||||
})
|
||||
}
|
||||
return chromiumList, nil
|
||||
}
|
||||
|
||||
func (c *Chromium) Name() string {
|
||||
return c.name
|
||||
}
|
||||
|
||||
func (c *Chromium) BrowsingData() (*browingdata.Data, error) {
|
||||
b := browingdata.New(c.items)
|
||||
|
||||
if err := c.copyItemToLocal(); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
masterKey, err := c.GetMasterKey()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
c.masterKey = masterKey
|
||||
if err := b.Recovery(c.masterKey); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return b, nil
|
||||
}
|
||||
|
||||
func (c *Chromium) copyItemToLocal() error {
|
||||
for i, path := range c.itemPaths {
|
||||
filename := i.String()
|
||||
var err error
|
||||
switch {
|
||||
case fileutil.FolderExists(path):
|
||||
if i == item.ChromiumLocalStorage {
|
||||
err = fileutil.CopyDir(path, filename, "lock")
|
||||
}
|
||||
if i == item.ChromiumExtension {
|
||||
err = fileutil.CopyDirHasSuffix(path, filename, "manifest.json")
|
||||
}
|
||||
default:
|
||||
err = fileutil.CopyFile(path, filename)
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *Chromium) getMultiItemPath(profilePath string, items []item.Item) (map[string]map[item.Item]string, error) {
|
||||
// multiItemPaths is a map of user to item path, map[profile 1][item's name & path key pair]
|
||||
multiItemPaths := make(map[string]map[item.Item]string)
|
||||
parentDir := fileutil.ParentDir(profilePath)
|
||||
err := filepath.Walk(parentDir, chromiumWalkFunc(items, multiItemPaths))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
var keyPath string
|
||||
var dir string
|
||||
for userDir, v := range multiItemPaths {
|
||||
for _, p := range v {
|
||||
if strings.HasSuffix(p, item.ChromiumKey.FileName()) {
|
||||
keyPath = p
|
||||
dir = userDir
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
t := make(map[string]map[item.Item]string)
|
||||
for userDir, v := range multiItemPaths {
|
||||
if userDir == dir {
|
||||
continue
|
||||
}
|
||||
t[userDir] = v
|
||||
t[userDir][item.ChromiumKey] = keyPath
|
||||
fillLocalStoragePath(t[userDir], item.ChromiumLocalStorage)
|
||||
}
|
||||
return t, nil
|
||||
}
|
||||
|
||||
func chromiumWalkFunc(items []item.Item, multiItemPaths map[string]map[item.Item]string) filepath.WalkFunc {
|
||||
return func(path string, info fs.FileInfo, err error) error {
|
||||
for _, v := range items {
|
||||
if info.Name() == v.FileName() {
|
||||
if strings.Contains(path, "System Profile") {
|
||||
continue
|
||||
}
|
||||
profileFolder := fileutil.ParentBaseDir(path)
|
||||
if strings.Contains(filepath.ToSlash(path), "/Network/Cookies") {
|
||||
profileFolder = fileutil.BaseDir(strings.ReplaceAll(filepath.ToSlash(path), "/Network/Cookies", ""))
|
||||
}
|
||||
if _, exist := multiItemPaths[profileFolder]; exist {
|
||||
multiItemPaths[profileFolder][v] = path
|
||||
} else {
|
||||
multiItemPaths[profileFolder] = map[item.Item]string{v: path}
|
||||
}
|
||||
}
|
||||
}
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
func fillLocalStoragePath(itemPaths map[item.Item]string, storage item.Item) {
|
||||
if p, ok := itemPaths[item.ChromiumHistory]; ok {
|
||||
lsp := filepath.Join(filepath.Dir(p), storage.FileName())
|
||||
if fileutil.FolderExists(lsp) {
|
||||
itemPaths[item.ChromiumLocalStorage] = lsp
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,59 @@
|
||||
//go:build darwin
|
||||
|
||||
package chromium
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/sha1"
|
||||
"errors"
|
||||
"os"
|
||||
"os/exec"
|
||||
"strings"
|
||||
|
||||
"golang.org/x/crypto/pbkdf2"
|
||||
|
||||
"github.com/moond4rk/HackBrowserData/item"
|
||||
"github.com/moond4rk/HackBrowserData/log"
|
||||
)
|
||||
|
||||
var (
|
||||
errWrongSecurityCommand = errors.New("wrong security command")
|
||||
errCouldNotFindInKeychain = errors.New("could not be find in keychain")
|
||||
)
|
||||
|
||||
func (c *Chromium) GetMasterKey() ([]byte, error) {
|
||||
var (
|
||||
cmd *exec.Cmd
|
||||
stdout, stderr bytes.Buffer
|
||||
)
|
||||
// don't need chromium key file for macOS
|
||||
defer os.Remove(item.TempChromiumKey)
|
||||
// Get the master key from the keychain
|
||||
// $ security find-generic-password -wa 'Chrome'
|
||||
cmd = exec.Command("security", "find-generic-password", "-wa", strings.TrimSpace(c.storage)) //nolint:gosec
|
||||
cmd.Stdout = &stdout
|
||||
cmd.Stderr = &stderr
|
||||
err := cmd.Run()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if stderr.Len() > 0 {
|
||||
if strings.Contains(stderr.String(), "could not be found") {
|
||||
return nil, errCouldNotFindInKeychain
|
||||
}
|
||||
return nil, errors.New(stderr.String())
|
||||
}
|
||||
chromeSecret := bytes.TrimSpace(stdout.Bytes())
|
||||
if chromeSecret == nil {
|
||||
return nil, errWrongSecurityCommand
|
||||
}
|
||||
chromeSalt := []byte("saltysalt")
|
||||
// @https://source.chromium.org/chromium/chromium/src/+/master:components/os_crypt/os_crypt_mac.mm;l=157
|
||||
key := pbkdf2.Key(chromeSecret, chromeSalt, 1003, 16, sha1.New)
|
||||
if key == nil {
|
||||
return nil, errWrongSecurityCommand
|
||||
}
|
||||
c.masterKey = key
|
||||
log.Infof("%s initialized master key success", c.name)
|
||||
return key, nil
|
||||
}
|
||||
@@ -0,0 +1,73 @@
|
||||
//go:build linux
|
||||
|
||||
package chromium
|
||||
|
||||
import (
|
||||
"crypto/sha1"
|
||||
"errors"
|
||||
"os"
|
||||
|
||||
"github.com/godbus/dbus/v5"
|
||||
keyring "github.com/ppacher/go-dbus-keyring"
|
||||
"golang.org/x/crypto/pbkdf2"
|
||||
|
||||
"github.com/moond4rk/HackBrowserData/item"
|
||||
"github.com/moond4rk/HackBrowserData/log"
|
||||
)
|
||||
|
||||
func (c *Chromium) GetMasterKey() ([]byte, error) {
|
||||
// what is d-bus @https://dbus.freedesktop.org/
|
||||
var chromiumSecret []byte
|
||||
conn, err := dbus.SessionBus()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer os.Remove(item.TempChromiumKey)
|
||||
svc, err := keyring.GetSecretService(conn)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
session, err := svc.OpenSession()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer func() {
|
||||
if err := session.Close(); err != nil {
|
||||
log.Errorf("close session failed: %v", err)
|
||||
}
|
||||
}()
|
||||
collections, err := svc.GetAllCollections()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
for _, col := range collections {
|
||||
items, err := col.GetAllItems()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
for _, i := range items {
|
||||
label, err := i.GetLabel()
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
continue
|
||||
}
|
||||
if label == c.storage {
|
||||
se, err := i.GetSecret(session.Path())
|
||||
if err != nil {
|
||||
return nil, errors.New("get storage from dbus error:" + err.Error())
|
||||
}
|
||||
chromiumSecret = se.Value
|
||||
}
|
||||
}
|
||||
}
|
||||
if chromiumSecret == nil {
|
||||
// @https://source.chromium.org/chromium/chromium/src/+/main:components/os_crypt/os_crypt_linux.cc;l=100
|
||||
chromiumSecret = []byte("peanuts")
|
||||
}
|
||||
chromiumSalt := []byte("saltysalt")
|
||||
// @https://source.chromium.org/chromium/chromium/src/+/master:components/os_crypt/os_crypt_linux.cc
|
||||
key := pbkdf2.Key(chromiumSecret, chromiumSalt, 1, 16, sha1.New)
|
||||
c.masterKey = key
|
||||
log.Infof("%s initialized master key success", c.name)
|
||||
return key, nil
|
||||
}
|
||||
@@ -0,0 +1,36 @@
|
||||
//go:build windows
|
||||
|
||||
package chromium
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"errors"
|
||||
"os"
|
||||
|
||||
"github.com/tidwall/gjson"
|
||||
|
||||
"github.com/moond4rk/HackBrowserData/item"
|
||||
"github.com/moond4rk/HackBrowserData/log"
|
||||
"github.com/moond4rk/HackBrowserData/utils/fileutil"
|
||||
)
|
||||
|
||||
var errDecodeMasterKeyFailed = errors.New("decode master key failed")
|
||||
|
||||
func (c *Chromium) GetMasterKey() ([]byte, error) {
|
||||
keyFile, err := fileutil.ReadFile(item.TempChromiumKey)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer os.Remove(keyFile)
|
||||
encryptedKey := gjson.Get(keyFile, "os_crypt.encrypted_key")
|
||||
if !encryptedKey.Exists() {
|
||||
return nil, nil
|
||||
}
|
||||
pureKey, err := base64.StdEncoding.DecodeString(encryptedKey.String())
|
||||
if err != nil {
|
||||
return nil, errDecodeMasterKeyFailed
|
||||
}
|
||||
c.masterKey, err = crypto.DPAPI(pureKey[5:])
|
||||
log.Infof("%s initialized master key success", c.name)
|
||||
return c.masterKey, err
|
||||
}
|
||||
Reference in New Issue
Block a user