mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-05-19 18:58:03 +02:00
Roger
b3dd4ed6e4
* feat: add Chromium extract methods, source mapping, and tests Implement per-category data extraction for Chromium browsers as typed standalone functions, preparing for Phase 8 wiring into the new Chromium struct. New files: - source.go: dataSource struct, chromiumSources/yandexSources maps, yandexQueryOverrides for Yandex action_url variant - decrypt.go: decryptValue() wrapping platform-specific decryption - extract_password.go: SQLite + decrypt → []LoginEntry - extract_cookie.go: SQLite + decrypt → []CookieEntry - extract_creditcard.go: SQLite + decrypt → []CreditCardEntry - extract_history.go: SQLite → []HistoryEntry - extract_download.go: SQLite → []DownloadEntry - extract_bookmark.go: JSON recursive → []BookmarkEntry - extract_extension.go: JSON → []ExtensionEntry - extract_storage.go: LevelDB → []StorageEntry (local + session) - firefox/source.go: firefoxSources map Tests use real Chrome table schemas for SQLite fixtures, with INSERT helpers to keep test data readable and self-documenting. Ref #520 * fix: remove LevelDB invalid path test (Windows compatibility) leveldb.OpenFile creates the directory on Windows instead of returning an error, causing TestExtractLocalStorage_InvalidPath to fail in CI. This test was verifying LevelDB behavior, not our extraction logic. * refactor: remove unused query parameter from extract functions Only extractPasswords needs the query override (Yandex action_url). The other 7 SQLite extract functions always use their default query, so remove the unnecessary query parameter from their signatures. * refactor: use DetectVersion in decryptValue instead of blind fallback Replace try-then-fallback pattern with explicit version detection using crypto.DetectVersion. Routes v10 to DecryptWithChromium, DPAPI to DecryptWithDPAPI, and adds a TODO placeholder for v20 App-Bound Encryption. * chore: relax gocognit and gocritic linters for test files * revert: restore strict gocognit and gocritic linters for test files * fix: address review feedback on extract methods - Store DetectVersion result in local variable to avoid duplicate call - Scan credit card expiration_month/year as int then convert to string (matches INTEGER column type in real Chrome schema) - Add os.Stat check before leveldb.OpenFile to prevent creating empty directories for non-existent paths - Rename TestExtractExtensions_InvalidJSON to TestExtractExtensions_MissingSettingsPath (JSON is valid, path is missing) * fix: revert creditcard scan to string type for NULL safety modernc.org/sqlite handles INTEGER→string conversion automatically. Scanning into string is safer for nullable columns — NULL becomes "" instead of "0" which would be an invalid month/year.
36 lines
1.0 KiB
Go
36 lines
1.0 KiB
Go
package chromium
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestExtractCookies(t *testing.T) {
|
|
path := createTestDB(t, "Cookies", cookiesSchema,
|
|
insertCookie("session", ".old.com", "/", "", 13340000000000000, 13350000000000000, 1, 1),
|
|
insertCookie("token", ".new.com", "/api", "", 13360000000000000, 13370000000000000, 1, 0),
|
|
)
|
|
|
|
got, err := extractCookies(nil, path)
|
|
require.NoError(t, err)
|
|
require.Len(t, got, 2)
|
|
|
|
// Verify sort order: creation time descending (newest first)
|
|
assert.Equal(t, ".new.com", got[0].Host)
|
|
assert.Equal(t, ".old.com", got[1].Host)
|
|
|
|
// Verify field mapping
|
|
assert.Equal(t, "token", got[0].Name)
|
|
assert.Equal(t, "/api", got[0].Path)
|
|
assert.True(t, got[0].IsSecure)
|
|
assert.False(t, got[0].IsHTTPOnly) // httpOnly=0
|
|
assert.False(t, got[0].CreatedAt.IsZero())
|
|
assert.False(t, got[0].ExpireAt.IsZero())
|
|
assert.True(t, got[0].ExpireAt.After(got[0].CreatedAt))
|
|
|
|
// Verify second cookie flags
|
|
assert.True(t, got[1].IsHTTPOnly) // httpOnly=1
|
|
}
|