CalvinBackup/HackBrowserData
1
0
Fork 0
mirror of https://github.com/moonD4rk/HackBrowserData.git synced 2026-05-19 18:58:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
4af2ded42855971308014bf2b515922d69e5cf39
HackBrowserData/browser/chromium/extract_password.go
T
Roger 068b82178f fix: improve extract parsing with proper decoding and error handling (#543) 
* fix: implement proper Chromium localStorage LevelDB parsing
* feat: add IsMeta field to StorageEntry and keep META entries
* fix: add error logging for decryption and missing data fields
* fix: address PR review for localStorage parsing
* fix: use naïve instead of café in Latin-1 test to avoid typos false positive
* fix: extension enabled detection and sessionStorage decoding
* fix: session storage origin resolution and extension enabled detection
* fix: address PR review comments for storage parsing
2026-04-04 18:52:54 +08:00

55 lines
1.7 KiB
Go
Raw Blame History

package chromium
import (
"database/sql"
"sort"
"github.com/moond4rk/hackbrowserdata/log"
"github.com/moond4rk/hackbrowserdata/types"
"github.com/moond4rk/hackbrowserdata/utils/sqliteutil"
"github.com/moond4rk/hackbrowserdata/utils/typeutil"
)
const defaultLoginQuery = `SELECT origin_url, username_value, password_value, date_created FROM logins`
func extractPasswords(masterKey []byte, path string) ([]types.LoginEntry, error) {
return extractPasswordsWithQuery(masterKey, path, defaultLoginQuery)
}
func extractPasswordsWithQuery(masterKey []byte, path, query string) ([]types.LoginEntry, error) {
logins, err := sqliteutil.QueryRows(path, false, query,
func(rows *sql.Rows) (types.LoginEntry, error) {
var url, username string
var pwd []byte
var created int64
if err := rows.Scan(&url, &username, &pwd, &created); err != nil {
return types.LoginEntry{}, err
}
password, err := decryptValue(masterKey, pwd)
if err != nil {
log.Debugf("decrypt password for %s: %v", url, err)
}
return types.LoginEntry{
URL: url,
Username: username,
Password: string(password),
CreatedAt: typeutil.TimeEpoch(created),
}, nil
})
if err != nil {
return nil, err
}
sort.Slice(logins, func(i, j int) bool {
return logins[i].CreatedAt.After(logins[j].CreatedAt)
})
return logins, nil
}
// extractYandexPasswords extracts passwords from Yandex's Ya Passman Data,
// which stores the URL in action_url instead of origin_url.
func extractYandexPasswords(masterKey []byte, path string) ([]types.LoginEntry, error) {
const yandexLoginQuery = `SELECT action_url, username_value, password_value, date_created FROM logins`
return extractPasswordsWithQuery(masterKey, path, yandexLoginQuery)
}
Reference in New Issue View Git Blame Copy Permalink