RepoMirrors/HackBrowserData
1
0
Fork 0
mirror of https://github.com/moonD4rk/HackBrowserData synced 2025-05-16 23:08:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: Resolve decryption failures of password value in some browser (#452)

Browse Source 
* fix: skip chromium-based browser 'def' dir
* fix: fixed the issue that 360speed, QQ Browser and other Chinese browsers had errors in decrypting passwords and cookies
* misc: modify some log level
* fix: fix the wrong function

---------

Co-authored-by: Aquilao <Aquilao@outlook>
This commit is contained in:
Aquilao Official 2024-11-14 10:13:46 +08:00 committed by ᴍᴏᴏɴD4ʀᴋ
parent 0761fc39f2
commit b66ca7b3d8
9 changed files with 35 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
browserdata/bookmark/bookmark.go
View File

@ -111,7 +111,7 @@ func (f *FirefoxBookmark) Extract(_ []byte) error {
defer db.Close() defer db.Close()
_, err = db.Exec(closeJournalMode) _, err = db.Exec(closeJournalMode)
if err != nil { if err != nil {
log.Errorf("close journal mode error: %v", err) log.Debugf("close journal mode error: %v", err)
} }
rows, err := db.Query(queryFirefoxBookMark) rows, err := db.Query(queryFirefoxBookMark)
if err != nil { if err != nil {
@ -124,7 +124,7 @@ func (f *FirefoxBookmark) Extract(_ []byte) error {
title, url string title, url string
) )
if err = rows.Scan(&id, &url, &bt, &dateAdded, &title); err != nil { if err = rows.Scan(&id, &url, &bt, &dateAdded, &title); err != nil {
log.Errorf("scan bookmark error: %v", err) log.Debugf("scan bookmark error: %v", err)
} }
*f = append(*f, bookmark{ *f = append(*f, bookmark{
ID: id, ID: id,

8
browserdata/browserdata.go
View File

@ -22,7 +22,7 @@ func New(items []types.DataType) *BrowserData {
func (d *BrowserData) Recovery(masterKey []byte) error { func (d *BrowserData) Recovery(masterKey []byte) error {
for _, source := range d.extractors { for _, source := range d.extractors {
if err := source.Extract(masterKey); err != nil { if err := source.Extract(masterKey); err != nil {
log.Errorf("parse %s error: %v", source.Name(), err) log.Debugf("parse %s error: %v", source.Name(), err)
continue continue
} }
} }
@ -41,15 +41,15 @@ func (d *BrowserData) Output(dir, browserName, flag string) {
f, err := output.CreateFile(dir, filename) f, err := output.CreateFile(dir, filename)
if err != nil { if err != nil {
log.Errorf("create file %s error: %v", filename, err) log.Debugf("create file %s error: %v", filename, err)
continue continue
} }
if err := output.Write(source, f); err != nil { if err := output.Write(source, f); err != nil {
log.Errorf("write to file %s error: %v", filename, err) log.Debugf("write to file %s error: %v", filename, err)
continue continue
} }
if err := f.Close(); err != nil { if err := f.Close(); err != nil {
log.Errorf("close file %s error: %v", filename, err) log.Debugf("close file %s error: %v", filename, err)
continue continue
} }
log.Warnf("export success: %s", filename) log.Warnf("export success: %s", filename)

15
browserdata/cookie/cookie.go
View File

@ -65,7 +65,7 @@ func (c *ChromiumCookie) Extract(masterKey []byte) error {
value, encryptValue []byte value, encryptValue []byte
) )
if err = rows.Scan(&key, &encryptValue, &host, &path, &createDate, &expireDate, &isSecure, &isHTTPOnly, &hasExpire, &isPersistent); err != nil { if err = rows.Scan(&key, &encryptValue, &host, &path, &createDate, &expireDate, &isSecure, &isHTTPOnly, &hasExpire, &isPersistent); err != nil {
log.Errorf("scan chromium cookie error: %v", err) log.Debugf("scan chromium cookie error: %v", err)
} }
cookie := cookie{ cookie := cookie{
@ -80,16 +80,17 @@ func (c *ChromiumCookie) Extract(masterKey []byte) error {
CreateDate: typeutil.TimeEpoch(createDate), CreateDate: typeutil.TimeEpoch(createDate),
ExpireDate: typeutil.TimeEpoch(expireDate), ExpireDate: typeutil.TimeEpoch(expireDate),
} }
if len(encryptValue) > 0 { if len(encryptValue) > 0 {
if len(masterKey) == 0 {
value, err = crypto.DecryptWithDPAPI(encryptValue) value, err = crypto.DecryptWithDPAPI(encryptValue)
} else {
value, err = crypto.DecryptWithChromium(masterKey, encryptValue)
}
if err != nil { if err != nil {
log.Errorf("decrypt chromium cookie error: %v", err) value, err = crypto.DecryptWithChromium(masterKey, encryptValue)
if err != nil {
log.Debugf("decrypt chromium cookie error: %v", err)
} }
} }
}
cookie.Value = string(value) cookie.Value = string(value)
*c = append(*c, cookie) *c = append(*c, cookie)
} }
@ -133,7 +134,7 @@ func (f *FirefoxCookie) Extract(_ []byte) error {
creationTime, expiry int64 creationTime, expiry int64
) )
if err = rows.Scan(&name, &value, &host, &path, &creationTime, &expiry, &isSecure, &isHTTPOnly); err != nil { if err = rows.Scan(&name, &value, &host, &path, &creationTime, &expiry, &isSecure, &isHTTPOnly); err != nil {
log.Errorf("scan firefox cookie error: %v", err) log.Debugf("scan firefox cookie error: %v", err)
} }
*f = append(*f, cookie{ *f = append(*f, cookie{
KeyName: name, KeyName: name,

8
browserdata/creditcard/creditcard.go
View File

@ -57,7 +57,7 @@ func (c *ChromiumCreditCard) Extract(masterKey []byte) error {
value, encryptValue []byte value, encryptValue []byte
) )
if err := rows.Scan(&guid, &name, &month, &year, &encryptValue, &address, &nickname); err != nil { if err := rows.Scan(&guid, &name, &month, &year, &encryptValue, &address, &nickname); err != nil {
log.Errorf("scan chromium credit card error: %v", err) log.Debugf("scan chromium credit card error: %v", err)
} }
ccInfo := card{ ccInfo := card{
GUID: guid, GUID: guid,
@ -74,7 +74,7 @@ func (c *ChromiumCreditCard) Extract(masterKey []byte) error {
value, err = crypto.DecryptWithChromium(masterKey, encryptValue) value, err = crypto.DecryptWithChromium(masterKey, encryptValue)
} }
if err != nil { if err != nil {
log.Errorf("decrypt chromium credit card error: %v", err) log.Debugf("decrypt chromium credit card error: %v", err)
} }
} }
@ -112,7 +112,7 @@ func (c *YandexCreditCard) Extract(masterKey []byte) error {
value, encryptValue []byte value, encryptValue []byte
) )
if err := rows.Scan(&guid, &name, &month, &year, &encryptValue, &address, &nickname); err != nil { if err := rows.Scan(&guid, &name, &month, &year, &encryptValue, &address, &nickname); err != nil {
log.Errorf("scan chromium credit card error: %v", err) log.Debugf("scan chromium credit card error: %v", err)
} }
ccInfo := card{ ccInfo := card{
GUID: guid, GUID: guid,
@ -129,7 +129,7 @@ func (c *YandexCreditCard) Extract(masterKey []byte) error {
value, err = crypto.DecryptWithChromium(masterKey, encryptValue) value, err = crypto.DecryptWithChromium(masterKey, encryptValue)
} }
if err != nil { if err != nil {
log.Errorf("decrypt chromium credit card error: %v", err) log.Debugf("decrypt chromium credit card error: %v", err)
} }
} }
ccInfo.CardNumber = string(value) ccInfo.CardNumber = string(value)

2
browserdata/download/download.go
View File

@ -101,7 +101,7 @@ func (f *FirefoxDownload) Extract(_ []byte) error {
_, err = db.Exec(closeJournalMode) _, err = db.Exec(closeJournalMode)
if err != nil { if err != nil {
log.Errorf("close journal mode error: %v", err) log.Debugf("close journal mode error: %v", err)
} }
rows, err := db.Query(queryFirefoxDownload) rows, err := db.Query(queryFirefoxDownload)
if err != nil { if err != nil {

2
browserdata/history/history.go
View File

@ -113,7 +113,7 @@ func (f *FirefoxHistory) Extract(_ []byte) error {
visitCount int visitCount int
) )
if err = rows.Scan(&id, &url, &visitDate, &title, &visitCount); err != nil { if err = rows.Scan(&id, &url, &visitDate, &title, &visitCount); err != nil {
log.Errorf("scan firefox history error: %v", err) log.Debugf("scan firefox history error: %v", err)
} }
*f = append(*f, history{ *f = append(*f, history{
Title: title, Title: title,

4
browserdata/localstorage/localstorage.go
View File

@ -125,7 +125,7 @@ func (f *FirefoxLocalStorage) Extract(_ []byte) error {
_, err = db.Exec(closeJournalMode) _, err = db.Exec(closeJournalMode)
if err != nil { if err != nil {
log.Errorf("close journal mode error: %v", err) log.Debugf("close journal mode error: %v", err)
} }
rows, err := db.Query(queryLocalStorage) rows, err := db.Query(queryLocalStorage)
if err != nil { if err != nil {
@ -135,7 +135,7 @@ func (f *FirefoxLocalStorage) Extract(_ []byte) error {
for rows.Next() { for rows.Next() {
var originKey, key, value string var originKey, key, value string
if err = rows.Scan(&originKey, &key, &value); err != nil { if err = rows.Scan(&originKey, &key, &value); err != nil {
log.Errorf("scan firefox local storage error: %v", err) log.Debugf("scan firefox local storage error: %v", err)
} }
s := new(storage) s := new(storage)
s.fillFirefox(originKey, key, value) s.fillFirefox(originKey, key, value)

17
browserdata/password/password.go
View File

@ -65,23 +65,24 @@ func (c *ChromiumPassword) Extract(masterKey []byte) error {
create int64 create int64
) )
if err := rows.Scan(&url, &username, &pwd, &create); err != nil { if err := rows.Scan(&url, &username, &pwd, &create); err != nil {
log.Errorf("scan chromium password error: %v", err) log.Debugf("scan chromium password error: %v", err)
} }
login := loginData{ login := loginData{
UserName: username, UserName: username,
encryptPass: pwd, encryptPass: pwd,
LoginURL: url, LoginURL: url,
} }
if len(pwd) > 0 { if len(pwd) > 0 {
if len(masterKey) == 0 {
password, err = crypto.DecryptWithDPAPI(pwd) password, err = crypto.DecryptWithDPAPI(pwd)
} else {
password, err = crypto.DecryptWithChromium(masterKey, pwd)
}
if err != nil { if err != nil {
log.Errorf("decrypt chromium password error: %v", err) password, err = crypto.DecryptWithChromium(masterKey, pwd)
if err != nil {
log.Debugf("decrypt chromium password error: %v", err)
} }
} }
}
if create > time.Now().Unix() { if create > time.Now().Unix() {
login.CreateDate = typeutil.TimeEpoch(create) login.CreateDate = typeutil.TimeEpoch(create)
} else { } else {
@ -132,7 +133,7 @@ func (c *YandexPassword) Extract(masterKey []byte) error {
create int64 create int64
) )
if err := rows.Scan(&url, &username, &pwd, &create); err != nil { if err := rows.Scan(&url, &username, &pwd, &create); err != nil {
log.Errorf("scan yandex password error: %v", err) log.Debugf("scan yandex password error: %v", err)
} }
login := loginData{ login := loginData{
UserName: username, UserName: username,
@ -147,7 +148,7 @@ func (c *YandexPassword) Extract(masterKey []byte) error {
password, err = crypto.DecryptWithChromium(masterKey, pwd) password, err = crypto.DecryptWithChromium(masterKey, pwd)
} }
if err != nil { if err != nil {
log.Errorf("decrypt yandex password error: %v", err) log.Debugf("decrypt yandex password error: %v", err)
} }
} }
if create > time.Now().Unix() { if create > time.Now().Unix() {

4
browserdata/sessionstorage/sessionstorage.go
View File

@ -133,7 +133,7 @@ func (f *FirefoxSessionStorage) Extract(_ []byte) error {
_, err = db.Exec(closeJournalMode) _, err = db.Exec(closeJournalMode)
if err != nil { if err != nil {
log.Errorf("close journal mode error: %v", err) log.Debugf("close journal mode error: %v", err)
} }
rows, err := db.Query(querySessionStorage) rows, err := db.Query(querySessionStorage)
if err != nil { if err != nil {
@ -143,7 +143,7 @@ func (f *FirefoxSessionStorage) Extract(_ []byte) error {
for rows.Next() { for rows.Next() {
var originKey, key, value string var originKey, key, value string
if err = rows.Scan(&originKey, &key, &value); err != nil { if err = rows.Scan(&originKey, &key, &value); err != nil {
log.Errorf("scan session storage error: %v", err) log.Debugf("scan session storage error: %v", err)
} }
s := new(session) s := new(session)
s.fillFirefox(originKey, key, value) s.fillFirefox(originKey, key, value)