dev-feat: add chromium browser for macos

2026-05-19 18:58:03 +02:00 · 2021-12-31 16:50:50 +08:00
parent d78a68c957
commit c8717e3009
22 changed files with 1337 additions and 0 deletions
@@ -0,0 +1,64 @@
+package data
+
+import (
+	"sort"
+
+	"github.com/tidwall/gjson"
+
+	"hack-browser-data/pkg/browser/consts"
+	"hack-browser-data/utils"
+)
+
+type ChromiumBookmark []bookmark
+
+func (c *ChromiumBookmark) Parse(masterKey []byte) error {
+	bookmarks, err := utils.ReadFile(consts.ChromiumBookmarkFilename)
+	if err != nil {
+		return err
+	}
+	r := gjson.Parse(bookmarks)
+	if r.Exists() {
+		roots := r.Get("roots")
+		roots.ForEach(func(key, value gjson.Result) bool {
+			getBookmarkChildren(value, c)
+			return true
+		})
+	}
+	sort.Slice(*c, func(i, j int) bool {
+		return (*c)[i].DateAdded.After((*c)[j].DateAdded)
+	})
+	return nil
+}
+
+func getBookmarkChildren(value gjson.Result, w *ChromiumBookmark) (children gjson.Result) {
+	const (
+		bookmarkID       = "id"
+		bookmarkAdded    = "date_added"
+		bookmarkUrl      = "url"
+		bookmarkName     = "name"
+		bookmarkType     = "type"
+		bookmarkChildren = "children"
+	)
+	nodeType := value.Get(bookmarkType)
+	bm := bookmark{
+		ID:        value.Get(bookmarkID).Int(),
+		Name:      value.Get(bookmarkName).String(),
+		URL:       value.Get(bookmarkUrl).String(),
+		DateAdded: utils.TimeEpochFormat(value.Get(bookmarkAdded).Int()),
+	}
+	children = value.Get(bookmarkChildren)
+	if nodeType.Exists() {
+		bm.Type = nodeType.String()
+		*w = append(*w, bm)
+		if children.Exists() && children.IsArray() {
+			for _, v := range children.Array() {
+				children = getBookmarkChildren(v, w)
+			}
+		}
+	}
+	return children
+}
+
+func (c *ChromiumBookmark) Name() string {
+	return "bookmark"
+}
@@ -0,0 +1,7 @@
+package data
+
+type BrowsingData interface {
+	Parse(masterKey []byte) error
+
+	Name() string
+}
@@ -0,0 +1,74 @@
+package data
+
+import (
+	"database/sql"
+	"fmt"
+	"sort"
+
+	"hack-browser-data/pkg/browser/consts"
+	"hack-browser-data/pkg/decrypter"
+	"hack-browser-data/utils"
+)
+
+type ChromiumCookie []cookie
+
+func (c *ChromiumCookie) Parse(masterKey []byte) error {
+	cookieDB, err := sql.Open("sqlite3", consts.ChromiumCookieFilename)
+	if err != nil {
+		return err
+	}
+	defer cookieDB.Close()
+	rows, err := cookieDB.Query(queryChromiumCookie)
+	if err != nil {
+		return err
+	}
+	defer rows.Close()
+	for rows.Next() {
+		var (
+			key, host, path                               string
+			isSecure, isHTTPOnly, hasExpire, isPersistent int
+			createDate, expireDate                        int64
+			value, encryptValue                           []byte
+		)
+		if err = rows.Scan(&key, &encryptValue, &host, &path, &createDate, &expireDate, &isSecure, &isHTTPOnly, &hasExpire, &isPersistent); err != nil {
+			fmt.Println(err)
+		}
+
+		cookie := cookie{
+			KeyName:      key,
+			Host:         host,
+			Path:         path,
+			encryptValue: encryptValue,
+			IsSecure:     utils.IntToBool(isSecure),
+			IsHTTPOnly:   utils.IntToBool(isHTTPOnly),
+			HasExpire:    utils.IntToBool(hasExpire),
+			IsPersistent: utils.IntToBool(isPersistent),
+			CreateDate:   utils.TimeEpochFormat(createDate),
+			ExpireDate:   utils.TimeEpochFormat(expireDate),
+		}
+		// TODO: replace DPAPI
+		if len(encryptValue) > 0 {
+			if masterKey == nil {
+				value, err = decrypter.DPApi(encryptValue)
+				if err != nil {
+					fmt.Println(err)
+				}
+			} else {
+				value, err = decrypter.ChromePass(masterKey, encryptValue)
+				if err != nil {
+					fmt.Println(err)
+				}
+			}
+		}
+		cookie.Value = string(value)
+		*c = append(*c, cookie)
+	}
+	sort.Slice(*c, func(i, j int) bool {
+		return (*c)[i].CreateDate.After((*c)[j].CreateDate)
+	})
+	return nil
+}
+
+func (c *ChromiumCookie) Name() string {
+	return "cookie"
+}
@@ -0,0 +1,56 @@
+package data
+
+import (
+	"database/sql"
+	"fmt"
+
+	"hack-browser-data/pkg/browser/consts"
+	"hack-browser-data/pkg/decrypter"
+)
+
+type ChromiumCreditCard []card
+
+func (c *ChromiumCreditCard) Parse(masterKey []byte) error {
+	creditDB, err := sql.Open("sqlite3", consts.ChromiumCreditFilename)
+	if err != nil {
+		return err
+	}
+	defer creditDB.Close()
+	rows, err := creditDB.Query(queryChromiumCredit)
+	if err != nil {
+		return err
+	}
+	defer rows.Close()
+	for rows.Next() {
+		var (
+			name, month, year, guid string
+			value, encryptValue     []byte
+		)
+		if err := rows.Scan(&guid, &name, &month, &year, &encryptValue); err != nil {
+			fmt.Println(err)
+		}
+		creditCardInfo := card{
+			GUID:            guid,
+			Name:            name,
+			ExpirationMonth: month,
+			ExpirationYear:  year,
+		}
+		if masterKey == nil {
+			value, err = decrypter.DPApi(encryptValue)
+			if err != nil {
+				return err
+			}
+		} else {
+			value, err = decrypter.ChromePass(masterKey, encryptValue)
+			if err != nil {
+				return err
+			}
+		}
+		creditCardInfo.CardNumber = string(value)
+		*c = append(*c, creditCardInfo)
+	}
+	return nil
+}
+func (c *ChromiumCreditCard) Name() string {
+	return "creditcard"
+}
@@ -0,0 +1,51 @@
+package data
+
+import (
+	"database/sql"
+	"fmt"
+	"sort"
+
+	"hack-browser-data/pkg/browser/consts"
+	"hack-browser-data/utils"
+)
+
+type ChromiumDownload []download
+
+func (c *ChromiumDownload) Parse(masterKey []byte) error {
+	historyDB, err := sql.Open("sqlite3", consts.ChromiumDownloadFilename)
+	if err != nil {
+		return err
+	}
+	defer historyDB.Close()
+	rows, err := historyDB.Query(queryChromiumDownload)
+	if err != nil {
+		return err
+	}
+	defer rows.Close()
+	for rows.Next() {
+		var (
+			targetPath, tabUrl, mimeType   string
+			totalBytes, startTime, endTime int64
+		)
+		if err := rows.Scan(&targetPath, &tabUrl, &totalBytes, &startTime, &endTime, &mimeType); err != nil {
+			fmt.Println(err)
+		}
+		data := download{
+			TargetPath: targetPath,
+			Url:        tabUrl,
+			TotalBytes: totalBytes,
+			StartTime:  utils.TimeEpochFormat(startTime),
+			EndTime:    utils.TimeEpochFormat(endTime),
+			MimeType:   mimeType,
+		}
+		*c = append(*c, data)
+	}
+	sort.Slice(*c, func(i, j int) bool {
+		return (*c)[i].TotalBytes > (*c)[j].TotalBytes
+	})
+	return nil
+}
+
+func (c *ChromiumDownload) Name() string {
+	return "download"
+}
@@ -0,0 +1,51 @@
+package data
+
+import (
+	"database/sql"
+	"fmt"
+	"sort"
+
+	"hack-browser-data/pkg/browser/consts"
+	"hack-browser-data/utils"
+)
+
+type ChromiumHistory []history
+
+func (c *ChromiumHistory) Parse(masterKey []byte) error {
+	historyDB, err := sql.Open("sqlite3", consts.ChromiumHistoryFilename)
+	if err != nil {
+		return err
+	}
+	defer historyDB.Close()
+	rows, err := historyDB.Query(queryChromiumHistory)
+	if err != nil {
+		return err
+	}
+	defer rows.Close()
+	for rows.Next() {
+		var (
+			url, title    string
+			visitCount    int
+			lastVisitTime int64
+		)
+		// TODO: handle rows error
+		if err := rows.Scan(&url, &title, &visitCount, &lastVisitTime); err != nil {
+			fmt.Println(err)
+		}
+		data := history{
+			Url:           url,
+			Title:         title,
+			VisitCount:    visitCount,
+			LastVisitTime: utils.TimeEpochFormat(lastVisitTime),
+		}
+		*c = append(*c, data)
+	}
+	sort.Slice(*c, func(i, j int) bool {
+		return (*c)[i].VisitCount > (*c)[j].VisitCount
+	})
+	return nil
+}
+
+func (c *ChromiumHistory) Name() string {
+	return "history"
+}
@@ -0,0 +1,72 @@
+package data
+
+import (
+	"time"
+)
+
+const (
+	queryChromiumCredit   = `SELECT guid, name_on_card, expiration_month, expiration_year, card_number_encrypted FROM credit_cards`
+	queryChromiumLogin    = `SELECT origin_url, username_value, password_value, date_created FROM logins`
+	queryChromiumHistory  = `SELECT url, title, visit_count, last_visit_time FROM urls`
+	queryChromiumDownload = `SELECT target_path, tab_url, total_bytes, start_time, end_time, mime_type FROM downloads`
+	queryChromiumCookie   = `SELECT name, encrypted_value, host_key, path, creation_utc, expires_utc, is_secure, is_httponly, has_expires, is_persistent FROM cookies`
+	queryFirefoxHistory   = `SELECT id, url, last_visit_date, title, visit_count FROM moz_places where title not null`
+	queryFirefoxDownload  = `SELECT place_id, GROUP_CONCAT(content), url, dateAdded FROM (SELECT * FROM moz_annos INNER JOIN moz_places ON moz_annos.place_id=moz_places.id) t GROUP BY place_id`
+	queryFirefoxBookMark  = `SELECT id, url, type, dateAdded, title FROM (SELECT * FROM moz_bookmarks INNER JOIN moz_places ON moz_bookmarks.fk=moz_places.id)`
+	queryFirefoxCookie    = `SELECT name, value, host, path, creationTime, expiry, isSecure, isHttpOnly FROM moz_cookies`
+	queryMetaData         = `SELECT item1, item2 FROM metaData WHERE id = 'password'`
+	queryNssPrivate       = `SELECT a11, a102 from nssPrivate`
+	closeJournalMode      = `PRAGMA journal_mode=off`
+)
+
+type (
+	loginData struct {
+		UserName    string
+		encryptPass []byte
+		encryptUser []byte
+		Password    string
+		LoginUrl    string
+		CreateDate  time.Time
+	}
+	bookmark struct {
+		ID        int64
+		Name      string
+		Type      string
+		URL       string
+		DateAdded time.Time
+	}
+	cookie struct {
+		Host         string
+		Path         string
+		KeyName      string
+		encryptValue []byte
+		Value        string
+		IsSecure     bool
+		IsHTTPOnly   bool
+		HasExpire    bool
+		IsPersistent bool
+		CreateDate   time.Time
+		ExpireDate   time.Time
+	}
+	history struct {
+		Title         string
+		Url           string
+		VisitCount    int
+		LastVisitTime time.Time
+	}
+	download struct {
+		TargetPath string
+		Url        string
+		TotalBytes int64
+		StartTime  time.Time
+		EndTime    time.Time
+		MimeType   string
+	}
+	card struct {
+		GUID            string
+		Name            string
+		ExpirationYear  string
+		ExpirationMonth string
+		CardNumber      string
+	}
+)
@@ -0,0 +1,81 @@
+package data
+
+import (
+	"database/sql"
+	"fmt"
+	"sort"
+	"time"
+
+	"hack-browser-data/pkg/browser/consts"
+	"hack-browser-data/pkg/decrypter"
+	"hack-browser-data/utils"
+
+	_ "github.com/mattn/go-sqlite3"
+)
+
+type ChromiumPassword []loginData
+
+func (c *ChromiumPassword) Parse(masterKey []byte) error {
+	loginDB, err := sql.Open("sqlite3", consts.ChromiumPasswordFilename)
+	if err != nil {
+		return err
+	}
+	defer loginDB.Close()
+	rows, err := loginDB.Query(queryChromiumLogin)
+	if err != nil {
+		return err
+	}
+	defer rows.Close()
+
+	for rows.Next() {
+		var (
+			url, username string
+			pwd, password []byte
+			create        int64
+		)
+		if err := rows.Scan(&url, &username, &pwd, &create); err != nil {
+			fmt.Println(err)
+		}
+		login := loginData{
+			UserName:    username,
+			encryptPass: pwd,
+			LoginUrl:    url,
+		}
+		if len(pwd) > 0 {
+			if masterKey == nil {
+				password, err = decrypter.DPApi(pwd)
+				if err != nil {
+					fmt.Println(err)
+				}
+			} else {
+				password, err = decrypter.ChromePass(masterKey, pwd)
+				if err != nil {
+					fmt.Println(err)
+				}
+			}
+		}
+		if create > time.Now().Unix() {
+			login.CreateDate = utils.TimeEpochFormat(create)
+		} else {
+			login.CreateDate = utils.TimeStampFormat(create)
+		}
+		login.Password = string(password)
+		*c = append(*c, login)
+	}
+	// sort with create date
+	sort.Slice(*c, func(i, j int) bool {
+		return (*c)[i].CreateDate.After((*c)[j].CreateDate)
+	})
+	return nil
+}
+
+func (c *ChromiumPassword) Name() string {
+	return "password"
+}
+
+type firefoxPassword struct {
+}
+
+func (c *firefoxPassword) Parse(masterKey []byte) error {
+	return nil
+}