mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-07-14 21:47:19 +02:00
feat: decrypt Chromium v10/v11 across host OS
Chromium's v10 means AES-GCM on Windows but AES-CBC on macOS/Linux. Dispatch the cipher by master-key length (32B GCM, 16B CBC) so one binary can decrypt a key dumped from a different OS.
This commit is contained in:
@@ -6,18 +6,6 @@ import (
|
||||
"github.com/moond4rk/hackbrowserdata/utils/winapi"
|
||||
)
|
||||
|
||||
// gcmNonceSize is defined in crypto.go (cross-platform).
|
||||
const minGCMDataSize = versionPrefixLen + gcmNonceSize // "v10" + nonce = 15 bytes minimum
|
||||
|
||||
func DecryptChromium(key, ciphertext []byte) ([]byte, error) {
|
||||
if len(ciphertext) < minGCMDataSize {
|
||||
return nil, errShortCiphertext
|
||||
}
|
||||
nonce := ciphertext[versionPrefixLen : versionPrefixLen+gcmNonceSize]
|
||||
payload := ciphertext[versionPrefixLen+gcmNonceSize:]
|
||||
return AESGCMDecrypt(key, nonce, payload)
|
||||
}
|
||||
|
||||
// DecryptDPAPI decrypts a DPAPI-protected blob using the current user's
|
||||
// master key. The actual Win32 call (and its DATA_BLOB / LocalFree dance)
|
||||
// lives in utils/winapi so every package that needs a syscall handle
|
||||
|
||||
Reference in New Issue
Block a user