CalvinBackup/HackBrowserData
1
0
Fork 0
mirror of https://github.com/moonD4rk/HackBrowserData.git synced 2026-05-19 18:58:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
92053b85b062d3a46d3e708ec2ecb01fe87b442b
HackBrowserData/browser/firefox/extract_storage.go
T
Roger 1ec2781131 feat: add Firefox extract methods and complete data model fields (#527) 
* feat: add Firefox extract methods and complete data model fields

Firefox extract methods:
- extractPasswords: JSON + ASN1PBE decryption via decryptPBE helper
- extractCookies: SQLite, plaintext (no encryption), journalOff
- extractHistories: SQLite, visit count ASC sort (matches old behavior)
- extractDownloads: SQLite, moz_annos JOIN with JSON content parsing
- extractBookmarks: SQLite, moz_bookmarks JOIN moz_places
- extractExtensions: JSON, filter by location=app-profile
- extractLocalStorage: SQLite webappsstore2, reversed originKey parsing

Complete data model fields (union of Chromium and Firefox):
- CookieEntry: add HasExpire, IsPersistent
- DownloadEntry: add MimeType
- CreditCardEntry: add NickName, Address
- ExtensionEntry: add HomepageURL, Enabled

Update Chromium extractors to populate new fields:
- extract_cookie.go: fill HasExpire, IsPersistent
- extract_download.go: SELECT and fill mime_type
- extract_creditcard.go: SELECT nickname, billing_address_id
- extract_extension.go: fill HomepageURL, Enabled (state==1)

Tests:
- Full test coverage for all 7 Firefox extract functions
- Password test uses known ASN1PBE test vectors from crypto package
- Table-driven tests for parseOriginKey
- Updated Chromium tests for new fields

* fix: add COALESCE for nullable bookmark title in Firefox query

Firefox moz_bookmarks.title can be NULL (PR #500 fixed this in old code).
Add COALESCE to handle NULL gracefully in SQL instead of relying on
driver-specific NULL→string conversion behavior.

* fix: enable journalOff for all Firefox SQLite extractors and populate cookie flags

- Set journalOff=true for extract_history, extract_download, extract_bookmark
  (Firefox databases require PRAGMA journal_mode=off to avoid lock errors)
- Populate HasExpire and IsPersistent for Firefox cookies (derived from expiry>0)
- Add test assertions for HasExpire/IsPersistent in both Chromium and Firefox
2026-04-04 01:41:02 +08:00

45 lines
1.2 KiB
Go
Raw Blame History

package firefox
import (
"database/sql"
"fmt"
"strings"
"github.com/moond4rk/hackbrowserdata/types"
"github.com/moond4rk/hackbrowserdata/utils/sqliteutil"
"github.com/moond4rk/hackbrowserdata/utils/typeutil"
)
const firefoxLocalStorageQuery = `SELECT originKey, key, value FROM webappsstore2`
func extractLocalStorage(path string) ([]types.StorageEntry, error) {
return sqliteutil.QueryRows(path, true, firefoxLocalStorageQuery,
func(rows *sql.Rows) (types.StorageEntry, error) {
var originKey, key, value string
if err := rows.Scan(&originKey, &key, &value); err != nil {
return types.StorageEntry{}, err
}
return types.StorageEntry{
URL: parseOriginKey(originKey),
Key: key,
Value: value,
}, nil
})
}
// parseOriginKey converts Firefox's reversed origin format to a URL.
// Example: "moc.buhtig.:https:443" → "https://github.com:443"
func parseOriginKey(originKey string) string {
parts := strings.SplitN(originKey, ":", 3)
if len(parts) < 2 {
return originKey
}
host := string(typeutil.Reverse([]byte(parts[0])))
host = strings.TrimPrefix(host, ".")
scheme := parts[1]
if len(parts) == 3 {
return fmt.Sprintf("%s://%s:%s", scheme, host, parts[2])
}
return fmt.Sprintf("%s://%s", scheme, host)
}
Reference in New Issue View Git Blame Copy Permalink