mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-05-19 18:58:03 +02:00
Roger
1a3aea553e
* feat: add Firefox Browser implementation with new v2 architecture Add Firefox NewBrowsers + Extract pipeline following the Chromium v2 pattern. Firefox-specific differences handled: - Profile discovery: random directory names (e.g. abc123.default-release) - Master key: NSS/ASN1PBE from key4.db (platform-agnostic, no DPAPI/Keychain) - Key validation: reuse logins.json from acquireFiles tempPaths - Extract: only Password needs masterKey; Cookie is plaintext - No CreditCard or SessionStorage support Files: - firefox_new.go: Browser struct, NewBrowsers, Extract, getMasterKey, extractCategory, deriveKeys, validateKeyWithLogins, profile discovery - masterkey.go: extracted shared NSS logic (processMasterKey, queryMetaData, queryNssPrivateCandidates, parseLoginCipherPairs, canDecryptAnyLoginCipherPair) - firefox_new_test.go: table-driven tests with shared fixtures - source.go: remove dataSource wrapper, use []sourcePath directly - firefox.go: remove functions moved to masterkey.go * fix: address Copilot review feedback on Firefox v2 - Fix stale comment referencing removed readLoginCipherPairs - Rename finallyKey to derivedKey for clarity in processMasterKey - Add sqlite driver import to masterkey.go for self-containedness * refactor: rewrite Firefox masterkey and improve naming Masterkey rewrite: - Replace raw SQL functions with structured key4DB type (globalSalt, passwordCheck, privateKeys) for clear data modeling - Split processMasterKey into verifyPasswordCheck + decryptPrivateKey - Add nssKeyTypeTag constant for the magic bytes - Rename finallyKey to derivedKey - Add sqlite driver import for self-containedness - Return error (not fallback) when logins validation explicitly fails Naming cleanup: - loginPair → encryptedLogin (clarify these are encrypted blobs) - parseLoginPairs → sampleEncryptedLogins (clarify sampling purpose) - canDecryptLogin → tryDecryptLogins (accurate verb, plural alignment) - Expand abbreviated variables: p→login, uPBE→userPBE, pPBE→pwdPBE Password extraction: - Keep entries when decryptPBE fails (URL preserved, user/pwd empty) - Align with Chromium behavior where decrypt failure doesn't skip records Old code cleanup: - firefox.go GetMasterKey now delegates to retrieveMasterKey - Remove functions moved to masterkey.go * docs: add RFC-003 for crypto package naming cleanup Track accumulated naming and structural issues in crypto/asn1pbe.go and cross-browser shared code for a future dedicated refactoring pass. * refactor: move masterkey tests to masterkey_test.go - Rename firefox_test.go to masterkey_test.go since all tests in this file test masterkey.go functions (readKey4DB, sampleEncryptedLogins) - Fix TestReadKey4DB to check nssPrivate rows as a set instead of assuming SQLite insertion order - Future deletion of firefox.go won't accidentally remove masterkey tests
260 lines
7.6 KiB
Go
260 lines
7.6 KiB
Go
package firefox
|
|
|
|
import (
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/moond4rk/hackbrowserdata/types"
|
|
)
|
|
|
|
// Shared fixtures built once for all tests.
|
|
var fixture struct {
|
|
root string
|
|
multiProf string // two Firefox profiles + non-profile dir
|
|
singleProf string // one profile with all data files
|
|
partial string // profile missing some files
|
|
empty string
|
|
}
|
|
|
|
func TestMain(m *testing.M) {
|
|
root, err := os.MkdirTemp("", "firefox-test-*")
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
fixture.root = root
|
|
buildFixtures()
|
|
code := m.Run()
|
|
os.RemoveAll(root)
|
|
os.Exit(code)
|
|
}
|
|
|
|
func buildFixtures() {
|
|
allFiles := []string{
|
|
"places.sqlite", "cookies.sqlite", "logins.json",
|
|
"extensions.json", "webappsstore.sqlite", "key4.db",
|
|
}
|
|
|
|
// Multi-profile: two valid profiles + one non-profile directory
|
|
fixture.multiProf = filepath.Join(fixture.root, "multi")
|
|
for _, prof := range []string{"abc123.default-release", "xyz789.default"} {
|
|
for _, f := range allFiles {
|
|
mkFile(fixture.multiProf, prof, f)
|
|
}
|
|
}
|
|
mkDir(fixture.multiProf, "Crash Reports")
|
|
mkDir(fixture.multiProf, "Pending Pings")
|
|
|
|
// Single profile: one profile with all files
|
|
fixture.singleProf = filepath.Join(fixture.root, "single")
|
|
for _, f := range allFiles {
|
|
mkFile(fixture.singleProf, "m1n2o3.default-release", f)
|
|
}
|
|
|
|
// Partial profile: only places.sqlite (no logins, no cookies)
|
|
fixture.partial = filepath.Join(fixture.root, "partial")
|
|
mkFile(fixture.partial, "p4q5r6.default", "places.sqlite")
|
|
|
|
// Empty directory
|
|
fixture.empty = filepath.Join(fixture.root, "empty")
|
|
mkDir(fixture.empty)
|
|
}
|
|
|
|
func mkFile(parts ...string) {
|
|
path := filepath.Join(parts...)
|
|
if err := os.MkdirAll(filepath.Dir(path), 0o755); err != nil {
|
|
panic(err)
|
|
}
|
|
if err := os.WriteFile(path, []byte("test"), 0o644); err != nil {
|
|
panic(err)
|
|
}
|
|
}
|
|
|
|
func mkDir(parts ...string) {
|
|
if err := os.MkdirAll(filepath.Join(parts...), 0o755); err != nil {
|
|
panic(err)
|
|
}
|
|
}
|
|
|
|
// TestNewBrowsers is table-driven, covering all profile discovery scenarios.
|
|
func TestNewBrowsers(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
dir string
|
|
wantProfiles []string // expected profile base names
|
|
skipDirs []string // should NOT appear as profiles
|
|
}{
|
|
{
|
|
name: "multi-profile discovery",
|
|
dir: fixture.multiProf,
|
|
wantProfiles: []string{"abc123.default-release", "xyz789.default"},
|
|
skipDirs: []string{"Crash Reports", "Pending Pings"},
|
|
},
|
|
{
|
|
name: "single profile",
|
|
dir: fixture.singleProf,
|
|
wantProfiles: []string{"m1n2o3.default-release"},
|
|
},
|
|
{
|
|
name: "partial profile",
|
|
dir: fixture.partial,
|
|
wantProfiles: []string{"p4q5r6.default"},
|
|
},
|
|
{
|
|
name: "empty dir",
|
|
dir: fixture.empty,
|
|
},
|
|
{
|
|
name: "nonexistent dir",
|
|
dir: "/nonexistent/path",
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
cfg := types.BrowserConfig{Name: "Firefox", Kind: types.KindFirefox, UserDataDir: tt.dir}
|
|
browsers, err := NewBrowsers(cfg)
|
|
require.NoError(t, err)
|
|
|
|
if len(tt.wantProfiles) == 0 {
|
|
assert.Empty(t, browsers)
|
|
return
|
|
}
|
|
require.Len(t, browsers, len(tt.wantProfiles))
|
|
|
|
profileNames := make(map[string]bool)
|
|
for _, b := range browsers {
|
|
profileNames[filepath.Base(b.profileDir)] = true
|
|
}
|
|
for _, want := range tt.wantProfiles {
|
|
assert.True(t, profileNames[want], "should find profile %s", want)
|
|
}
|
|
for _, skip := range tt.skipDirs {
|
|
assert.False(t, profileNames[skip], "should not find %s", skip)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
// TestResolveSourcePaths verifies that source resolution correctly maps
|
|
// categories to files, including shared files (places.sqlite).
|
|
func TestResolveSourcePaths(t *testing.T) {
|
|
profileDir := filepath.Join(fixture.singleProf, "m1n2o3.default-release")
|
|
resolved := resolveSourcePaths(firefoxSources, profileDir)
|
|
|
|
// All categories should be resolved
|
|
for _, cat := range []types.Category{
|
|
types.Password, types.Cookie, types.History,
|
|
types.Download, types.Bookmark, types.Extension, types.LocalStorage,
|
|
} {
|
|
assert.Contains(t, resolved, cat, "should resolve %s", cat)
|
|
}
|
|
|
|
// History, Download, Bookmark share places.sqlite
|
|
assert.Equal(t, resolved[types.History].absPath, resolved[types.Download].absPath)
|
|
assert.Equal(t, resolved[types.History].absPath, resolved[types.Bookmark].absPath)
|
|
|
|
// Password is a different file
|
|
assert.NotEqual(t, resolved[types.Password].absPath, resolved[types.History].absPath)
|
|
}
|
|
|
|
func TestResolveSourcePaths_Partial(t *testing.T) {
|
|
profileDir := filepath.Join(fixture.partial, "p4q5r6.default")
|
|
resolved := resolveSourcePaths(firefoxSources, profileDir)
|
|
|
|
// Only places.sqlite exists → History, Download, Bookmark resolved
|
|
assert.Contains(t, resolved, types.History)
|
|
assert.Contains(t, resolved, types.Download)
|
|
assert.Contains(t, resolved, types.Bookmark)
|
|
|
|
// No logins.json, cookies.sqlite, etc.
|
|
assert.NotContains(t, resolved, types.Password)
|
|
assert.NotContains(t, resolved, types.Cookie)
|
|
assert.NotContains(t, resolved, types.Extension)
|
|
}
|
|
|
|
// TestExtractCategory verifies that the switch dispatch works for each category.
|
|
func TestExtractCategory(t *testing.T) {
|
|
t.Run("History", func(t *testing.T) {
|
|
path := createTestDB(t, "places.sqlite",
|
|
[]string{mozPlacesSchema},
|
|
insertMozPlace(1, "https://example.com", "Example", 3, 1000000),
|
|
insertMozPlace(2, "https://go.dev", "Go", 1, 2000000),
|
|
)
|
|
b := &Browser{name: "Test"}
|
|
data := &types.BrowserData{}
|
|
b.extractCategory(data, types.History, nil, path)
|
|
|
|
require.Len(t, data.Histories, 2)
|
|
// Firefox sorts by visit count ascending
|
|
assert.Equal(t, 1, data.Histories[0].VisitCount)
|
|
assert.Equal(t, 3, data.Histories[1].VisitCount)
|
|
})
|
|
|
|
t.Run("Cookie", func(t *testing.T) {
|
|
path := createTestDB(t, "cookies.sqlite",
|
|
[]string{mozCookiesSchema},
|
|
insertMozCookie("session", "abc", ".example.com", "/", 1000000000000, 0, 0, 0),
|
|
)
|
|
b := &Browser{name: "Test"}
|
|
data := &types.BrowserData{}
|
|
b.extractCategory(data, types.Cookie, nil, path)
|
|
|
|
require.Len(t, data.Cookies, 1)
|
|
assert.Equal(t, "session", data.Cookies[0].Name)
|
|
assert.Equal(t, "abc", data.Cookies[0].Value) // Firefox cookies are not encrypted
|
|
})
|
|
|
|
t.Run("Bookmark", func(t *testing.T) {
|
|
path := createTestDB(t, "places.sqlite",
|
|
[]string{mozPlacesSchema, mozBookmarksSchema},
|
|
insertMozPlace(1, "https://github.com", "GitHub", 1, 1000000),
|
|
insertMozBookmark(1, 1, 1, "GitHub", 1000000),
|
|
)
|
|
b := &Browser{name: "Test"}
|
|
data := &types.BrowserData{}
|
|
b.extractCategory(data, types.Bookmark, nil, path)
|
|
|
|
require.Len(t, data.Bookmarks, 1)
|
|
assert.Equal(t, "GitHub", data.Bookmarks[0].Name)
|
|
})
|
|
|
|
t.Run("Extension", func(t *testing.T) {
|
|
path := createTestJSON(t, "extensions.json", `{
|
|
"addons": [
|
|
{
|
|
"id": "ublock@example.com",
|
|
"location": "app-profile",
|
|
"active": true,
|
|
"version": "1.0",
|
|
"defaultLocale": {"name": "uBlock Origin", "description": "Ad blocker"}
|
|
},
|
|
{
|
|
"id": "system@mozilla.com",
|
|
"location": "app-system-defaults",
|
|
"active": true
|
|
}
|
|
]
|
|
}`)
|
|
b := &Browser{name: "Test"}
|
|
data := &types.BrowserData{}
|
|
b.extractCategory(data, types.Extension, nil, path)
|
|
|
|
require.Len(t, data.Extensions, 1) // system extension skipped
|
|
assert.Equal(t, "uBlock Origin", data.Extensions[0].Name)
|
|
})
|
|
|
|
t.Run("UnsupportedCategory", func(t *testing.T) {
|
|
b := &Browser{name: "Test"}
|
|
data := &types.BrowserData{}
|
|
// CreditCard and SessionStorage are not supported by Firefox
|
|
b.extractCategory(data, types.CreditCard, nil, "unused")
|
|
b.extractCategory(data, types.SessionStorage, nil, "unused")
|
|
assert.Empty(t, data.CreditCards)
|
|
assert.Empty(t, data.SessionStorage)
|
|
})
|
|
}
|