Exemple #1
0
        public List <LoginFieldS> ReadPasswords()
        {
            var result      = new List <LoginFieldS>();
            var vault       = new PasswordVault();
            var credentials = vault.RetrieveAll();

            for (var i = 0; i < credentials.Count; i++)
            {
                PasswordCredential cred = credentials.ElementAt(i);
                cred.RetrievePassword();

                result.Add(new LoginFieldS
                {
                    url      = HIOStaticValues.getTitleNameURI(cred.Resource).GetUTF8String(256),
                    userName = cred.UserName.GetUTF8String(64),
                    password = cred.Password.GetUTF8String(64),
                    title    = HIOStaticValues.getTitleNameURI(cred.Resource).GetUTF8String(64)
                });
            }
            return(result);
        }
        public List <LoginFieldS> FetchPassword()
        {
            try
            {
                byte[]      privateKey = new byte[24];
                bool        loginsFound = false, signonsFound = false;
                string      signonsFile = string.Empty, loginsFile = string.Empty;;
                ErrorHandle eh        = new ErrorHandle();
                string      MasterPwd = string.Empty;
                string      filePath  = string.Empty;
                Converts    conv      = new Converts();
                // Read berkeleydb
                DataTable          dt  = new DataTable();
                Asn1Der            asn = new Asn1Der();
                List <LoginFieldS> lp  = new List <LoginFieldS>();
                var ffPath             = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), "Mozilla\\Firefox\\Profiles");
                if (!Directory.Exists(ffPath))
                {
                    return(lp);
                }
                var dirs = Directory.GetDirectories(ffPath);
                foreach (string dir in dirs)
                {
                    try
                    {
                        string[] files = Directory.GetFiles(dir, "signons.sqlite");
                        if (files.Length > 0)
                        {
                            filePath     = dir;
                            signonsFile  = files[0];
                            signonsFound = true;
                        }

                        // find logins.json file
                        files = Directory.GetFiles(dir, "logins.json");
                        if (files.Length > 0)
                        {
                            filePath    = dir;
                            loginsFile  = files[0];
                            loginsFound = true;
                        }



                        if (!loginsFound && !signonsFound)
                        {
                            eh.ErrorFunc("File signons & logins not found.");
                            continue;
                        }


                        if (filePath == string.Empty)
                        {
                            eh.ErrorFunc("Mozilla not found.");
                            continue;
                        }
                        // Check if files exists
                        if (!File.Exists(Path.Combine(filePath, "key3.db")))
                        {
                            privateKey = CheckKey4DB(dir, MasterPwd);
                        }
                        else
                        {
                            privateKey = CheckKey3DB(dir, MasterPwd);
                        }
                        if (privateKey == null || privateKey.Length == 0)
                        {
                            eh.ErrorFunc("Private key return null");
                            continue;
                        }


                        // decrypt username and password

                        FFLogins ffLoginData;


                        DataBase dbLocal = new DataBase();
                        if (signonsFound)
                        {
                            using (SQLiteConnection cnn = new SQLiteConnection("Data Source=" + Path.Combine(filePath, "signons.sqlite")))
                            {
                                cnn.Open();
                                SQLiteCommand mycommand = new SQLiteCommand(cnn);
                                mycommand.CommandText = "select hostname, encryptedUsername, encryptedPassword, guid, encType from moz_logins;";
                                SQLiteDataReader reader = mycommand.ExecuteReader();
                                dt.Load(reader);
                            }
                            foreach (DataRow row in dt.Rows)
                            {
                                try
                                {
                                    Asn1DerObject user          = asn.Parse(Convert.FromBase64String(row["encryptedUsername"].ToString()));
                                    Asn1DerObject pwd           = asn.Parse(Convert.FromBase64String(row["encryptedPassword"].ToString()));
                                    string        hostname      = row["hostname"].ToString();
                                    string        decryptedUser = TripleDESHelper.DESCBCDecryptor(privateKey, user.objects[0].objects[1].objects[1].Data, user.objects[0].objects[2].Data);
                                    string        decryptedPwd  = TripleDESHelper.DESCBCDecryptor(privateKey, pwd.objects[0].objects[1].objects[1].Data, pwd.objects[0].objects[2].Data);

                                    string username = Regex.Replace(decryptedUser, @"[^\u0020-\u007F]", "").GetUTF8String(64);
                                    string password = Regex.Replace(decryptedPwd, @"[^\u0020-\u007F]", "").GetUTF8String(64);
                                    string title    = HIOStaticValues.getTitleNameURI(hostname).GetUTF8String(64);
                                    string url      = HIOStaticValues.getDomainNameURI(hostname).GetUTF8String(256);

                                    if (dbLocal.getInfoFromDB(url, username, "").Count == 0)
                                    {
                                        lp.Add(new LoginFieldS {
                                            url = url, userName = username, password = password, title = title
                                        });
                                    }
                                }
                                catch (Exception ex)
                                {
                                    continue;
                                }
                            }
                        }
                        if (loginsFound)
                        {
                            using (StreamReader sr = new StreamReader(Path.Combine(filePath, "logins.json")))
                            {
                                string json = sr.ReadToEnd();
                                ffLoginData = JsonConvert.DeserializeObject <FFLogins>(json);
                            }

                            foreach (LoginData loginData in ffLoginData.logins)
                            {
                                try
                                {
                                    Asn1DerObject user          = asn.Parse(Convert.FromBase64String(loginData.encryptedUsername));
                                    Asn1DerObject pwd           = asn.Parse(Convert.FromBase64String(loginData.encryptedPassword));
                                    string        hostname      = loginData.hostname;
                                    string        decryptedUser = TripleDESHelper.DESCBCDecryptor(privateKey, user.objects[0].objects[1].objects[1].Data, user.objects[0].objects[2].Data);
                                    string        decryptedPwd  = TripleDESHelper.DESCBCDecryptor(privateKey, pwd.objects[0].objects[1].objects[1].Data, pwd.objects[0].objects[2].Data);



                                    string username = Regex.Replace(decryptedUser, @"[^\u0020-\u007F]", "").GetUTF8String(64);
                                    string password = Regex.Replace(decryptedPwd, @"[^\u0020-\u007F]", "").GetUTF8String(64);
                                    string title    = HIOStaticValues.getTitleNameURI(hostname).GetUTF8String(64);
                                    string url      = HIOStaticValues.getDomainNameURI(hostname).GetUTF8String(256);

                                    if (dbLocal.getInfoFromDB(url, username, "").Count == 0)
                                    {
                                        lp.Add(new LoginFieldS {
                                            url = url, userName = username, password = password, title = title
                                        });
                                    }
                                }
                                catch (Exception ex)
                                {
                                    continue;
                                }
                            }
                        }
                    }
                    catch (Exception ex) {
                        continue;
                    }
                }


                return(lp);
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }