mirror of
https://github.com/moonD4rk/HackBrowserData.git
synced 2026-05-19 18:58:03 +02:00
ᴍᴏᴏɴD4ʀᴋ
591b97ce6d
* feat: Refactor crypto decryption functions for consistency and error handling - Close #301 - Refactored and renamed decryption functions across multiple files for consistency - Updated cookie sorting method to sort in descending order - Added new encryption functions for AES in CBC and GCM modes and DES in CBC mode - Added error handling to decryption functions and created new error variables for invalid ciphertext length and decode failures - Test cases added for encryption and decryption functions - Removed unused code and imports. * chore: Add new words to .typos.toml dictionary - Add new terms to `.typos.toml` dictionary - Improve code formatting and readability - Refactor functions for better performance - Update comments and documentation - Resolve minor bugs and errors * refactor: Refactor crypto package for better structure and readability - Refactored and cleaned up crypto package code for better readability - Renamed `ToByteArray` method to `bytes` for consistency - Modified `DecryptWithDPAPI` method to use `outBlob.bytes()` for efficiency - Added comments and removed unused methods in `loginPBE` - Refactored `nssPBE` and `metaPBE` Decrypt methods to use `deriveKeyAndIV` helper method - Improved overall maintainability and organization of codebase * refactor: Refactor firefox password encryption and decryption. - Implement ASN1PBE interface with various PBE struct types and encryption/decryption methods - Fix naming and remove unused variables in browsingdata and crypto files - Add tests for ASN1PBE implementation using external assertion package - Refactor and improve error handling in firefox file functions related to master key retrieval - Add input validation and AES-GCM encryption function to crypto file
153 lines
3.7 KiB
Go
153 lines
3.7 KiB
Go
package cookie
|
|
|
|
import (
|
|
"database/sql"
|
|
"log/slog"
|
|
"os"
|
|
"sort"
|
|
"time"
|
|
|
|
// import sqlite3 driver
|
|
_ "modernc.org/sqlite"
|
|
|
|
"github.com/moond4rk/hackbrowserdata/crypto"
|
|
"github.com/moond4rk/hackbrowserdata/item"
|
|
"github.com/moond4rk/hackbrowserdata/utils/typeutil"
|
|
)
|
|
|
|
type ChromiumCookie []cookie
|
|
|
|
type cookie struct {
|
|
Host string
|
|
Path string
|
|
KeyName string
|
|
encryptValue []byte
|
|
Value string
|
|
IsSecure bool
|
|
IsHTTPOnly bool
|
|
HasExpire bool
|
|
IsPersistent bool
|
|
CreateDate time.Time
|
|
ExpireDate time.Time
|
|
}
|
|
|
|
const (
|
|
queryChromiumCookie = `SELECT name, encrypted_value, host_key, path, creation_utc, expires_utc, is_secure, is_httponly, has_expires, is_persistent FROM cookies`
|
|
)
|
|
|
|
func (c *ChromiumCookie) Parse(masterKey []byte) error {
|
|
db, err := sql.Open("sqlite", item.ChromiumCookie.TempFilename())
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer os.Remove(item.ChromiumCookie.TempFilename())
|
|
defer db.Close()
|
|
rows, err := db.Query(queryChromiumCookie)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer rows.Close()
|
|
for rows.Next() {
|
|
var (
|
|
key, host, path string
|
|
isSecure, isHTTPOnly, hasExpire, isPersistent int
|
|
createDate, expireDate int64
|
|
value, encryptValue []byte
|
|
)
|
|
if err = rows.Scan(&key, &encryptValue, &host, &path, &createDate, &expireDate, &isSecure, &isHTTPOnly, &hasExpire, &isPersistent); err != nil {
|
|
slog.Error("scan chromium cookie error", "err", err)
|
|
}
|
|
|
|
cookie := cookie{
|
|
KeyName: key,
|
|
Host: host,
|
|
Path: path,
|
|
encryptValue: encryptValue,
|
|
IsSecure: typeutil.IntToBool(isSecure),
|
|
IsHTTPOnly: typeutil.IntToBool(isHTTPOnly),
|
|
HasExpire: typeutil.IntToBool(hasExpire),
|
|
IsPersistent: typeutil.IntToBool(isPersistent),
|
|
CreateDate: typeutil.TimeEpoch(createDate),
|
|
ExpireDate: typeutil.TimeEpoch(expireDate),
|
|
}
|
|
if len(encryptValue) > 0 {
|
|
if len(masterKey) == 0 {
|
|
value, err = crypto.DecryptWithDPAPI(encryptValue)
|
|
} else {
|
|
value, err = crypto.DecryptWithChromium(masterKey, encryptValue)
|
|
}
|
|
if err != nil {
|
|
slog.Error("decrypt chromium cookie error", "err", err)
|
|
}
|
|
}
|
|
cookie.Value = string(value)
|
|
*c = append(*c, cookie)
|
|
}
|
|
sort.Slice(*c, func(i, j int) bool {
|
|
return (*c)[i].CreateDate.After((*c)[j].CreateDate)
|
|
})
|
|
return nil
|
|
}
|
|
|
|
func (c *ChromiumCookie) Name() string {
|
|
return "cookie"
|
|
}
|
|
|
|
func (c *ChromiumCookie) Len() int {
|
|
return len(*c)
|
|
}
|
|
|
|
type FirefoxCookie []cookie
|
|
|
|
const (
|
|
queryFirefoxCookie = `SELECT name, value, host, path, creationTime, expiry, isSecure, isHttpOnly FROM moz_cookies`
|
|
)
|
|
|
|
func (f *FirefoxCookie) Parse(_ []byte) error {
|
|
db, err := sql.Open("sqlite", item.FirefoxCookie.TempFilename())
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer os.Remove(item.FirefoxCookie.TempFilename())
|
|
defer db.Close()
|
|
|
|
rows, err := db.Query(queryFirefoxCookie)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer rows.Close()
|
|
for rows.Next() {
|
|
var (
|
|
name, value, host, path string
|
|
isSecure, isHTTPOnly int
|
|
creationTime, expiry int64
|
|
)
|
|
if err = rows.Scan(&name, &value, &host, &path, &creationTime, &expiry, &isSecure, &isHTTPOnly); err != nil {
|
|
slog.Error("scan firefox cookie error", "err", err)
|
|
}
|
|
*f = append(*f, cookie{
|
|
KeyName: name,
|
|
Host: host,
|
|
Path: path,
|
|
IsSecure: typeutil.IntToBool(isSecure),
|
|
IsHTTPOnly: typeutil.IntToBool(isHTTPOnly),
|
|
CreateDate: typeutil.TimeStamp(creationTime / 1000000),
|
|
ExpireDate: typeutil.TimeStamp(expiry),
|
|
Value: value,
|
|
})
|
|
}
|
|
|
|
sort.Slice(*f, func(i, j int) bool {
|
|
return (*f)[i].CreateDate.After((*f)[j].CreateDate)
|
|
})
|
|
return nil
|
|
}
|
|
|
|
func (f *FirefoxCookie) Name() string {
|
|
return "cookie"
|
|
}
|
|
|
|
func (f *FirefoxCookie) Len() int {
|
|
return len(*f)
|
|
}
|