Commit Graph

24 Commits

Author SHA1 Message Date
Roger 76e2615db2 refactor(windows): clean up Chrome ABE module (#574)
* refactor(abe): remove --abe-key flag and its global state
* refactor(abe): rework scratch protocol and Go/C structure
2026-04-19 15:20:51 +08:00
Roger 370c5882c4 feat: add Safari password extraction from macOS Keychain (#568) 2026-04-13 21:34:40 +08:00
Roger 4af2ded428 feat: cli migrate to cobra with subcommands (#550)
* feat: migrate CLI to cobra with dump/list/version subcommands (#546)
* fix: remove residual duckduckgo references and add README/LICENSE to release archives
* fix: address PR review feedback from Copilot
2026-04-05 14:25:51 +08:00
Roger 92053b85b0 chore: update golangci-lint config and fix lint issues (#542)
* chore: update golangci-lint config and fix lint issues
2026-04-04 16:26:07 +08:00
Roger 00ad0e0bd4 feat: add output package with Formatter interface (#537)
* docs: add RFC-004 for CLI (cobra) and output design
* feat: add output package with Formatter interface and BrowserData.Each
* fix: golangci config array syntax + add output package tests
* refactor: encapsulated Output as Writer, collect-then-write pattern
* refactor: unified row type with reflection-based CSV/JSON output
* fix: ProfileName empty guard, writeFile close error check, sync RFC-004
2026-04-04 01:41:02 +08:00
Roger 1ec2781131 feat: add Firefox extract methods and complete data model fields (#527)
* feat: add Firefox extract methods and complete data model fields

Firefox extract methods:
- extractPasswords: JSON + ASN1PBE decryption via decryptPBE helper
- extractCookies: SQLite, plaintext (no encryption), journalOff
- extractHistories: SQLite, visit count ASC sort (matches old behavior)
- extractDownloads: SQLite, moz_annos JOIN with JSON content parsing
- extractBookmarks: SQLite, moz_bookmarks JOIN moz_places
- extractExtensions: JSON, filter by location=app-profile
- extractLocalStorage: SQLite webappsstore2, reversed originKey parsing

Complete data model fields (union of Chromium and Firefox):
- CookieEntry: add HasExpire, IsPersistent
- DownloadEntry: add MimeType
- CreditCardEntry: add NickName, Address
- ExtensionEntry: add HomepageURL, Enabled

Update Chromium extractors to populate new fields:
- extract_cookie.go: fill HasExpire, IsPersistent
- extract_download.go: SELECT and fill mime_type
- extract_creditcard.go: SELECT nickname, billing_address_id
- extract_extension.go: fill HomepageURL, Enabled (state==1)

Tests:
- Full test coverage for all 7 Firefox extract functions
- Password test uses known ASN1PBE test vectors from crypto package
- Table-driven tests for parseOriginKey
- Updated Chromium tests for new fields

* fix: add COALESCE for nullable bookmark title in Firefox query

Firefox moz_bookmarks.title can be NULL (PR #500 fixed this in old code).
Add COALESCE to handle NULL gracefully in SQL instead of relying on
driver-specific NULL→string conversion behavior.

* fix: enable journalOff for all Firefox SQLite extractors and populate cookie flags

- Set journalOff=true for extract_history, extract_download, extract_bookmark
  (Firefox databases require PRAGMA journal_mode=off to avoid lock errors)
- Populate HasExpire and IsPersistent for Firefox cookies (derived from expiry>0)
- Add test assertions for HasExpire/IsPersistent in both Chromium and Firefox
2026-04-04 01:41:02 +08:00
Roger b3dd4ed6e4 feat: add Chromium extract methods and source mapping (#521)
* feat: add Chromium extract methods, source mapping, and tests

Implement per-category data extraction for Chromium browsers as typed
standalone functions, preparing for Phase 8 wiring into the new
Chromium struct.

New files:
- source.go: dataSource struct, chromiumSources/yandexSources maps,
  yandexQueryOverrides for Yandex action_url variant
- decrypt.go: decryptValue() wrapping platform-specific decryption
- extract_password.go: SQLite + decrypt → []LoginEntry
- extract_cookie.go: SQLite + decrypt → []CookieEntry
- extract_creditcard.go: SQLite + decrypt → []CreditCardEntry
- extract_history.go: SQLite → []HistoryEntry
- extract_download.go: SQLite → []DownloadEntry
- extract_bookmark.go: JSON recursive → []BookmarkEntry
- extract_extension.go: JSON → []ExtensionEntry
- extract_storage.go: LevelDB → []StorageEntry (local + session)
- firefox/source.go: firefoxSources map

Tests use real Chrome table schemas for SQLite fixtures, with INSERT
helpers to keep test data readable and self-documenting.

Ref #520

* fix: remove LevelDB invalid path test (Windows compatibility)

leveldb.OpenFile creates the directory on Windows instead of returning
an error, causing TestExtractLocalStorage_InvalidPath to fail in CI.
This test was verifying LevelDB behavior, not our extraction logic.

* refactor: remove unused query parameter from extract functions

Only extractPasswords needs the query override (Yandex action_url).
The other 7 SQLite extract functions always use their default query,
so remove the unnecessary query parameter from their signatures.

* refactor: use DetectVersion in decryptValue instead of blind fallback

Replace try-then-fallback pattern with explicit version detection using
crypto.DetectVersion. Routes v10 to DecryptWithChromium, DPAPI to
DecryptWithDPAPI, and adds a TODO placeholder for v20 App-Bound
Encryption.

* chore: relax gocognit and gocritic linters for test files

* revert: restore strict gocognit and gocritic linters for test files

* fix: address review feedback on extract methods

- Store DetectVersion result in local variable to avoid duplicate call
- Scan credit card expiration_month/year as int then convert to string
  (matches INTEGER column type in real Chrome schema)
- Add os.Stat check before leveldb.OpenFile to prevent creating empty
  directories for non-existent paths
- Rename TestExtractExtensions_InvalidJSON to
  TestExtractExtensions_MissingSettingsPath (JSON is valid, path is missing)

* fix: revert creditcard scan to string type for NULL safety

modernc.org/sqlite handles INTEGER→string conversion automatically.
Scanning into string is safer for nullable columns — NULL becomes ""
instead of "0" which would be an invalid month/year.
2026-04-04 01:41:01 +08:00
Roger 9fb5165fcb feat: add crypto/keyretriever with keychainbreaker integration (#518)
* feat: add crypto/keyretriever package for Chromium master key retrieval

* feat: complete keyretriever with gcoredump, chainbreaker, and tests

* refactor: replace internal chainbreaker with keychainbreaker v0.1.0

Replace the incomplete internal chainbreaker implementation (~1400 lines
of duplicated code) with the external keychainbreaker package, which
provides a complete, well-tested keychain parsing library.

Changes:
- Add github.com/moond4rk/keychainbreaker v0.1.0 dependency
- Update gcoredump_darwin.go to use keychainbreaker API (Open/Unlock/GenericPasswords)
- Add KeychainPasswordRetriever for password-based keychain unlocking
  with sync.Once caching across multiple browser queries
- Unify DefaultRetriever(keychainPassword string) signature across all platforms
- Delete utils/chainbreaker/ (696 lines + test + testdata)
- Delete crypto/keyretriever/chainbreaker_darwin.go (696 lines duplicate)
- Delete browser/exploit/gcoredump/ (duplicate of keyretriever version)
- Update chromium_darwin.go to use keyretriever.DecryptKeychain
- Clean up .golangci.yml lint exceptions and .gitignore entries
- Use errors.Is() instead of == for context.DeadlineExceeded check

* refactor: improve gcoredump exploit code quality and add comments
* fix: address Copilot review feedback on keyretriever
2026-04-04 01:41:01 +08:00
Roger d0971ca098 chore: update CI, golangci-lint, and CLAUDE.md (#511)
* chore: update CI, golangci-lint, and CLAUDE.md
* fix: resolve CI failures on Windows test and lint
* fix: resolve Windows test path and main.go line length lint issues
* fix: auto-format log/ with gofumpt, exclude pre-refactoring lint issues
* fix: resolve remaining lint issues, remove unnecessary exclusions
* fix: remove invalid G117 gosec rule, use text exclusion for secret pattern
* fix: align CI golangci-lint version with local (v2.4 -> v2.10)
2026-03-23 01:40:59 +08:00
Roger d101da627d fix: upgrade golangci-lint to v2 and modernize configuration (#487)
* fix: upgrade golangci-lint to v2 and modernize configuration

- Migrate from golangci-lint v1 to v2 configuration format
- Update GitHub Actions workflow to use golangci-lint-action@v8
- Set golangci-lint version to v2.2.0 for stability
- Add comprehensive linter configuration with Go 1.20 compatibility
- Temporarily disable strict linting rules to unblock development
- Configure formatters (gofmt, goimports, gci) separately per v2 requirements
- Add extensive exclusion rules for gradual rule enforcement

This change establishes a modern linting baseline that can be progressively
enhanced as code quality improves. All major linting issues have been
configured as non-blocking to allow incremental improvements.

* chore: update golangci-lint to v2.4.0 for compatibility

- Update golangci-lint version from v2.2.0 to v2.4.0 in GitHub Actions
- Aligns CI environment with local development version
- Resolves configuration validation errors

* fix: update golangci-lint config to v2.4.0 compatible format

- Remove deprecated v1 fields (skip-dirs, skip-files from run section)
- Move exclusions to linters.exclusions section
- Fix goimports.local-prefixes to be array format
- Remove gci.skip-generated and custom-order (not supported)
- Replace disable-all with default: standard
- Remove deprecated issues section, use linters.exclusions instead
- Fix output format from colored-line-number to text with colors
- Remove unsupported fields from linter settings

This ensures the config passes 'golangci-lint config verify' validation
2025-09-02 23:18:27 +08:00
ᴍᴏᴏɴD4ʀᴋ ad020cf135 chore: downgrade golang version to 1.20, support Windows 7. (#435)
* chore: downgrade golang version to 1.20, support windows 7

* chore: Update dependencies for Go project.

- Update dependencies in go.sum
- Improvements and optimizations in various files
- Bug fixes and error handling enhancements

* chore: Update modernc.org/sqlite library versions in go.mod and go.sum files

- Update version of `modernc.org/sqlite` to `v1.31.1` in `go.mod` and `go.sum` files
- Update module hash in `go.sum` file for `modernc.org/sqlite`
- Ensure consistency between `go.mod` and `go.sum` files in relation to `modernc.org/sqlite` version

* chore: replace log/slog with standard logger (#436)

* chore: replace log/slog with standard logger

* chore: Update Go dependencies and versions

- Update Go version from `1.22.5` to `1.20` and other dependencies
- Update critical dependencies to latest versions
- Ensure compatibility with new versions of dependencies

* chore: Optimize dependency management in workflows

- Update build and lint workflows to use `go mod tidy` for getting dependencies
- Change modules download mode to `'mod'` in linters configuration
- Add step to get dependencies in lint workflow

* refactor: Update dependencies and refactor Chromium key deletion logic

- Update `modernc.org/sqlite` to `v1.31.1` in `go.mod` and `go.sum`
- Increase version number to `0.5.0` in `cmd/hack-browser-data/main.go`
- Refactor and update logic for filtering and copying items in `browser/chromium/chromium.go`

* Improve logging functionality and data type conversion

- Add `String()` method to `DataType` enum in types.go
- Update log level to Debug in logger_test.go
- Set log level to Debug in `TestLoggerDebug` and `TestLoggerDebugf` functions
2024-10-22 13:01:13 +08:00
ᴍᴏᴏɴD4ʀᴋ f3d9540016 chore: Update dependencies to latest versions (#426)
* chore: Update dependencies to latest versions

- Update dependencies versions in `go.mod` file
- Address security vulnerabilities by updating third-party libraries
- Improve performance and stability with updated dependencies

* ci: Implement stronger crypto algorithms enforcement.

- Exclude weak crypto algorithms using `G405` in the `.golangci.yml` file.
2024-09-30 19:18:40 +08:00
ᴍᴏᴏɴD4ʀᴋ 536f2082f9 refactor: Optimize traversal browser data logic (#311)
* refactor: Refactor package names and imports for better code organization.
* refactor: Package imports and variable types for consistency
* chore: Disable unused-parameter rule in revive.
* refactor: Refactor and organize data extraction and browserdata parse.
* fix: rename wrong error message info
2024-04-12 20:01:29 +08:00
ᴍᴏᴏɴD4ʀᴋ 7bd5a06875 ci: Improve Golang code quality with updated lint configuration file (#307)
* refactor: Optimize code logic and reduce nesting.

* ci: Improve Golang code quality with updated configuration file

* chore: Update GitHub actions setup-go to version 5 and optimize caching.
2024-04-12 20:01:29 +08:00
moonD4rk 142d9e99e2 refactor: disable paralleltest lint ruler 2023-10-02 22:35:33 +08:00
moonD4rk 3316067af9 chore: Allow all library in depguard linter settings
- Add depguard linter settings to deny pkg github.com/pkg/errors in .golangci.yml file.
2023-06-06 19:45:53 +08:00
moonD4rk b65d3186c4 chore: update project layout 2023-03-10 14:52:26 +08:00
ᴍᴏᴏɴD4ʀᴋ b52627afc7 Merge branch 'fix/logbug' into master 2022-10-24 14:04:12 +08:00
moonD4rk 714e8a57b9 chore: remove abandoned linter 2022-10-24 13:36:01 +08:00
carr0t2 b8759530e9 fix: remove deprecated linter 2022-10-24 01:12:00 +08:00
ᴍᴏᴏɴD4ʀᴋ 2a0ed1ebbf chore: add lint ruler, exclude unused variable 2022-08-14 22:51:31 +08:00
ᴍᴏᴏɴD4ʀᴋ 63fc3a656a refactor: pass golang-ci lint check 2022-08-14 21:22:34 +08:00
ᴍᴏᴏɴD4ʀᴋ 77991605b2 chore: disable some lint ruler 2022-08-13 20:11:56 +08:00
ᴍᴏᴏɴD4ʀᴋ 916936b9ab chore: add golang-ci lint config 2022-08-13 18:23:14 +08:00