Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Resolve decryption failures of password value in some browser #452

Merged
merged 5 commits into from
Nov 14, 2024
Merged

fix: Resolve decryption failures of password value in some browser #452

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
2a50d93
fix: skip chromium-based browser 'def' dir
Nov 8, 2024
dfa5755
fix: fixed the issue that 360speed, QQ Browser and other Chinese brow…
Nov 13, 2024
7528c12
Merge branch 'dev' of github.com:moonD4rk/HackBrowserData into dev
Nov 13, 2024
76d9481
misc: modify some log level
Nov 13, 2024
812bb86
fix: fix the wrong function
Nov 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions browserdata/bookmark/bookmark.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,7 @@ func (f *FirefoxBookmark) Extract(_ []byte) error {
defer db.Close()
_, err = db.Exec(closeJournalMode)
if err != nil {
log.Errorf("close journal mode error: %v", err)
log.Debugf("close journal mode error: %v", err)
}
rows, err := db.Query(queryFirefoxBookMark)
if err != nil {
Expand All @@ -124,7 +124,7 @@ func (f *FirefoxBookmark) Extract(_ []byte) error {
title, url string
)
if err = rows.Scan(&id, &url, &bt, &dateAdded, &title); err != nil {
log.Errorf("scan bookmark error: %v", err)
log.Debugf("scan bookmark error: %v", err)
}
*f = append(*f, bookmark{
ID: id,
Expand Down
8 changes: 4 additions & 4 deletions browserdata/browserdata.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ func New(items []types.DataType) *BrowserData {
func (d *BrowserData) Recovery(masterKey []byte) error {
for _, source := range d.extractors {
if err := source.Extract(masterKey); err != nil {
log.Errorf("parse %s error: %v", source.Name(), err)
log.Debugf("parse %s error: %v", source.Name(), err)
continue
}
}
Expand All @@ -41,15 +41,15 @@ func (d *BrowserData) Output(dir, browserName, flag string) {

f, err := output.CreateFile(dir, filename)
if err != nil {
log.Errorf("create file %s error: %v", filename, err)
log.Debugf("create file %s error: %v", filename, err)
continue
}
if err := output.Write(source, f); err != nil {
log.Errorf("write to file %s error: %v", filename, err)
log.Debugf("write to file %s error: %v", filename, err)
continue
}
if err := f.Close(); err != nil {
log.Errorf("close file %s error: %v", filename, err)
log.Debugf("close file %s error: %v", filename, err)
continue
}
log.Warnf("export success: %s", filename)
Expand Down
17 changes: 9 additions & 8 deletions browserdata/cookie/cookie.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ func (c *ChromiumCookie) Extract(masterKey []byte) error {
value, encryptValue []byte
)
if err = rows.Scan(&key, &encryptValue, &host, &path, &createDate, &expireDate, &isSecure, &isHTTPOnly, &hasExpire, &isPersistent); err != nil {
log.Errorf("scan chromium cookie error: %v", err)
log.Debugf("scan chromium cookie error: %v", err)
}

cookie := cookie{
Expand All @@ -80,16 +80,17 @@ func (c *ChromiumCookie) Extract(masterKey []byte) error {
CreateDate: typeutil.TimeEpoch(createDate),
ExpireDate: typeutil.TimeEpoch(expireDate),
}

if len(encryptValue) > 0 {
if len(masterKey) == 0 {
value, err = crypto.DecryptWithDPAPI(encryptValue)
} else {
value, err = crypto.DecryptWithChromium(masterKey, encryptValue)
}
value, err = crypto.DecryptWithDPAPI(encryptValue)
if err != nil {
log.Errorf("decrypt chromium cookie error: %v", err)
value, err = crypto.DecryptWithChromium(masterKey, encryptValue)
if err != nil {
log.Debugf("decrypt chromium cookie error: %v", err)
}
}
}

cookie.Value = string(value)
*c = append(*c, cookie)
}
Expand Down Expand Up @@ -133,7 +134,7 @@ func (f *FirefoxCookie) Extract(_ []byte) error {
creationTime, expiry int64
)
if err = rows.Scan(&name, &value, &host, &path, &creationTime, &expiry, &isSecure, &isHTTPOnly); err != nil {
log.Errorf("scan firefox cookie error: %v", err)
log.Debugf("scan firefox cookie error: %v", err)
}
*f = append(*f, cookie{
KeyName: name,
Expand Down
8 changes: 4 additions & 4 deletions browserdata/creditcard/creditcard.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ func (c *ChromiumCreditCard) Extract(masterKey []byte) error {
value, encryptValue []byte
)
if err := rows.Scan(&guid, &name, &month, &year, &encryptValue, &address, &nickname); err != nil {
log.Errorf("scan chromium credit card error: %v", err)
log.Debugf("scan chromium credit card error: %v", err)
}
ccInfo := card{
GUID: guid,
Expand All @@ -74,7 +74,7 @@ func (c *ChromiumCreditCard) Extract(masterKey []byte) error {
value, err = crypto.DecryptWithChromium(masterKey, encryptValue)
}
if err != nil {
log.Errorf("decrypt chromium credit card error: %v", err)
log.Debugf("decrypt chromium credit card error: %v", err)
}
}

Expand Down Expand Up @@ -112,7 +112,7 @@ func (c *YandexCreditCard) Extract(masterKey []byte) error {
value, encryptValue []byte
)
if err := rows.Scan(&guid, &name, &month, &year, &encryptValue, &address, &nickname); err != nil {
log.Errorf("scan chromium credit card error: %v", err)
log.Debugf("scan chromium credit card error: %v", err)
}
ccInfo := card{
GUID: guid,
Expand All @@ -129,7 +129,7 @@ func (c *YandexCreditCard) Extract(masterKey []byte) error {
value, err = crypto.DecryptWithChromium(masterKey, encryptValue)
}
if err != nil {
log.Errorf("decrypt chromium credit card error: %v", err)
log.Debugf("decrypt chromium credit card error: %v", err)
}
}
ccInfo.CardNumber = string(value)
Expand Down
2 changes: 1 addition & 1 deletion browserdata/download/download.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ func (f *FirefoxDownload) Extract(_ []byte) error {

_, err = db.Exec(closeJournalMode)
if err != nil {
log.Errorf("close journal mode error: %v", err)
log.Debugf("close journal mode error: %v", err)
}
rows, err := db.Query(queryFirefoxDownload)
if err != nil {
Expand Down
2 changes: 1 addition & 1 deletion browserdata/history/history.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,7 @@ func (f *FirefoxHistory) Extract(_ []byte) error {
visitCount int
)
if err = rows.Scan(&id, &url, &visitDate, &title, &visitCount); err != nil {
log.Errorf("scan firefox history error: %v", err)
log.Debugf("scan firefox history error: %v", err)
}
*f = append(*f, history{
Title: title,
Expand Down
4 changes: 2 additions & 2 deletions browserdata/localstorage/localstorage.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -125,7 +125,7 @@ func (f *FirefoxLocalStorage) Extract(_ []byte) error {

_, err = db.Exec(closeJournalMode)
if err != nil {
log.Errorf("close journal mode error: %v", err)
log.Debugf("close journal mode error: %v", err)
}
rows, err := db.Query(queryLocalStorage)
if err != nil {
Expand All @@ -135,7 +135,7 @@ func (f *FirefoxLocalStorage) Extract(_ []byte) error {
for rows.Next() {
var originKey, key, value string
if err = rows.Scan(&originKey, &key, &value); err != nil {
log.Errorf("scan firefox local storage error: %v", err)
log.Debugf("scan firefox local storage error: %v", err)
}
s := new(storage)
s.fillFirefox(originKey, key, value)
Expand Down
19 changes: 10 additions & 9 deletions browserdata/password/password.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,23 +65,24 @@ func (c *ChromiumPassword) Extract(masterKey []byte) error {
create int64
)
if err := rows.Scan(&url, &username, &pwd, &create); err != nil {
log.Errorf("scan chromium password error: %v", err)
log.Debugf("scan chromium password error: %v", err)
}
login := loginData{
UserName: username,
encryptPass: pwd,
LoginURL: url,
}

if len(pwd) > 0 {
if len(masterKey) == 0 {
password, err = crypto.DecryptWithDPAPI(pwd)
} else {
password, err = crypto.DecryptWithChromium(masterKey, pwd)
}
password, err = crypto.DecryptWithDPAPI(pwd)
if err != nil {
log.Errorf("decrypt chromium password error: %v", err)
password, err = crypto.DecryptWithChromium(masterKey, pwd)
if err != nil {
log.Debugf("decrypt chromium password error: %v", err)
}
}
}

if create > time.Now().Unix() {
login.CreateDate = typeutil.TimeEpoch(create)
} else {
Expand Down Expand Up @@ -132,7 +133,7 @@ func (c *YandexPassword) Extract(masterKey []byte) error {
create int64
)
if err := rows.Scan(&url, &username, &pwd, &create); err != nil {
log.Errorf("scan yandex password error: %v", err)
log.Debugf("scan yandex password error: %v", err)
}
login := loginData{
UserName: username,
Expand All @@ -147,7 +148,7 @@ func (c *YandexPassword) Extract(masterKey []byte) error {
password, err = crypto.DecryptWithChromium(masterKey, pwd)
}
if err != nil {
log.Errorf("decrypt yandex password error: %v", err)
log.Debugf("decrypt yandex password error: %v", err)
}
}
if create > time.Now().Unix() {
Expand Down
4 changes: 2 additions & 2 deletions browserdata/sessionstorage/sessionstorage.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,7 @@ func (f *FirefoxSessionStorage) Extract(_ []byte) error {

_, err = db.Exec(closeJournalMode)
if err != nil {
log.Errorf("close journal mode error: %v", err)
log.Debugf("close journal mode error: %v", err)
}
rows, err := db.Query(querySessionStorage)
if err != nil {
Expand All @@ -143,7 +143,7 @@ func (f *FirefoxSessionStorage) Extract(_ []byte) error {
for rows.Next() {
var originKey, key, value string
if err = rows.Scan(&originKey, &key, &value); err != nil {
log.Errorf("scan session storage error: %v", err)
log.Debugf("scan session storage error: %v", err)
}
s := new(session)
s.fillFirefox(originKey, key, value)
Expand Down
Loading