CalvinBackup/HackBrowserData
1
0
Fork 0
mirror of https://github.com/moonD4rk/HackBrowserData.git synced 2026-05-19 18:58:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
ecf8ba05853dda5b4fc7aed73769559ddd231e3d
HackBrowserData/browser/chromium/extract_password_test.go
T

137 lines
4.1 KiB
Go
Raw Blame History

package chromium
import (
"bytes"
"crypto/sha1"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/moond4rk/hackbrowserdata/crypto/keyretriever"
)
func setupLoginDB(t *testing.T) string {
t.Helper()
return createTestDB(t, "Login Data", loginsSchema,
insertLogin("https://old.com", "https://old.com/login", "alice", "", 13340000000000000),
insertLogin("https://new.com", "https://new.com/login", "bob", "", 13360000000000000),
)
}
func TestExtractPasswords(t *testing.T) {
path := setupLoginDB(t)
got, err := extractPasswords(keyretriever.MasterKeys{}, path)
require.NoError(t, err)
require.Len(t, got, 2)
// Verify sort order: date created descending (newest first)
assert.Equal(t, "https://new.com", got[0].URL)
assert.Equal(t, "https://old.com", got[1].URL)
// Verify field mapping
assert.Equal(t, "bob", got[0].Username)
assert.False(t, got[0].CreatedAt.IsZero())
// Password is empty because masterKey is nil (decrypt returns empty)
assert.Empty(t, got[0].Password)
}
func TestCountPasswords(t *testing.T) {
path := setupLoginDB(t)
count, err := countPasswords(path)
require.NoError(t, err)
assert.Equal(t, 2, count)
}
func TestCountPasswords_Empty(t *testing.T) {
path := createTestDB(t, "Login Data", loginsSchema)
count, err := countPasswords(path)
require.NoError(t, err)
assert.Equal(t, 0, count)
}
func TestExtractYandexPasswords(t *testing.T) {
masterKey := bytes.Repeat([]byte{0x11}, 32)
dataKey := bytes.Repeat([]byte{0x22}, 32)
path := setupYandexPasswordDB(t, masterKey, dataKey, false,
yandexPassword{
OriginURL: "https://old.yandex.ru", UsernameElem: "u", UsernameVal: "alice",
PasswordElem: "p", SignonRealm: "https://old.yandex.ru", Password: "hunter2",
DateCreated: 13340000000000000,
},
yandexPassword{
OriginURL: "https://new.yandex.ru", UsernameElem: "u", UsernameVal: "bob",
PasswordElem: "p", SignonRealm: "https://new.yandex.ru", Password: "sesame",
DateCreated: 13360000000000000,
},
)
got, err := extractYandexPasswords(keyretriever.MasterKeys{V10: masterKey}, path)
require.NoError(t, err)
require.Len(t, got, 2)
// Sorted newest-first on CreatedAt.
assert.Equal(t, "https://new.yandex.ru", got[0].URL)
assert.Equal(t, "bob", got[0].Username)
assert.Equal(t, "sesame", got[0].Password)
assert.Equal(t, "hunter2", got[1].Password)
}
func TestExtractYandexPasswords_MasterPasswordSkipped(t *testing.T) {
masterKey := bytes.Repeat([]byte{0x11}, 32)
dataKey := bytes.Repeat([]byte{0x22}, 32)
path := setupYandexPasswordDB(t, masterKey, dataKey, true,
yandexPassword{
OriginURL: "https://yandex.ru", UsernameElem: "u", UsernameVal: "alice",
PasswordElem: "p", SignonRealm: "https://yandex.ru", Password: "hunter2",
DateCreated: 13340000000000000,
},
)
got, err := extractYandexPasswords(keyretriever.MasterKeys{V10: masterKey}, path)
require.NoError(t, err)
assert.Empty(t, got, "master-password profiles should be skipped in v1")
}
func TestExtractYandexPasswords_WrongMasterKey(t *testing.T) {
goodKey := bytes.Repeat([]byte{0x11}, 32)
wrongKey := bytes.Repeat([]byte{0x99}, 32)
dataKey := bytes.Repeat([]byte{0x22}, 32)
path := setupYandexPasswordDB(t, goodKey, dataKey, false,
yandexPassword{
OriginURL: "https://yandex.ru", UsernameElem: "u", UsernameVal: "alice",
PasswordElem: "p", SignonRealm: "https://yandex.ru", Password: "hunter2",
},
)
// A wrong master key fails at the intermediate step, surfacing as an error
// from the extractor.
_, err := extractYandexPasswords(keyretriever.MasterKeys{V10: wrongKey}, path)
require.Error(t, err)
}
func TestYandexLoginAAD_NoMasterPassword(t *testing.T) {
got := yandexLoginAAD("https://example.com/", "user", "alice", "pass", "https://example.com/", nil)
h := sha1.New()
h.Write([]byte("https://example.com/\x00user\x00alice\x00pass\x00https://example.com/"))
want := h.Sum(nil)
assert.Equal(t, want, got)
assert.Len(t, got, sha1.Size)
}
func TestYandexLoginAAD_WithMasterPassword(t *testing.T) {
keyID := []byte("abc123")
got := yandexLoginAAD("u", "e1", "v1", "e2", "r", keyID)
require.Len(t, got, sha1.Size+len(keyID))
assert.Equal(t, keyID, got[sha1.Size:])
}
Reference in New Issue View Git Blame Copy Permalink