private static string ValueDB(BerkeleyDB berkeleyDB, Func <string, bool> predicate) { if (berkeleyDB is null) { throw new ArgumentNullException(nameof(berkeleyDB)); } if (predicate is null) { throw new ArgumentNullException(nameof(predicate)); } string text = string.Empty; try { foreach (KeyValuePair <string, string> key in berkeleyDB.Keys) { if (predicate(key.Key)) { text = key.Value; } } } catch (Exception) { } return(text.Replace("-", string.Empty)); }
// Token: 0x060000EA RID: 234 RVA: 0x0000796C File Offset: 0x00005B6C private static string FindValueByKey(BerkeleyDB berkeleyDB, System.Func <string, bool> predicate) { string text = string.Empty; try { foreach (KeyValuePair <string, string> keyValuePair in berkeleyDB.Keys) { if (predicate(keyValuePair.Key)) { text = keyValuePair.Value; } } } catch { } return(text.Replace("-", string.Empty)); }
// Token: 0x060000E9 RID: 233 RVA: 0x000076D8 File Offset: 0x000058D8 private static byte[] ExtractPrivateKey3(string file) { byte[] array = new byte[24]; try { Console.WriteLine("Key source file: " + file); if (!File.Exists(file)) { Console.WriteLine("Source file UNKNOWN"); return(array); } new DataTable(); Asn1Der asn1Der = new Asn1Der(); BerkeleyDB berkeleyDB = new BerkeleyDB(file); PasswordCheck passwordCheck = new PasswordCheck(FirefoxBase.FindValueByKey(berkeleyDB, (string x) => x.Equals("password-check"))); string hexString = FirefoxBase.FindValueByKey(berkeleyDB, (string x) => x.Equals("global-salt")); MozillaPBE mozillaPBE = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), ByteHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt)); mozillaPBE.Compute(); TripleDESHelper.DESCBCDecryptor(mozillaPBE.Key, mozillaPBE.IV, ByteHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck), PaddingMode.None); string hexString2 = FirefoxBase.FindValueByKey(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt")); Asn1DerObject asn1DerObject = asn1Der.Parse(ByteHelper.ConvertHexStringToByteArray(hexString2)); MozillaPBE mozillaPBE2 = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), asn1DerObject.objects[0].objects[0].objects[1].objects[0].Data); mozillaPBE2.Compute(); byte[] bytes = Encoding.Default.GetBytes(TripleDESHelper.DESCBCDecryptor(mozillaPBE2.Key, mozillaPBE2.IV, asn1DerObject.objects[0].objects[1].Data, PaddingMode.None)); Asn1DerObject asn1DerObject2 = asn1Der.Parse(bytes); Asn1DerObject asn1DerObject3 = asn1Der.Parse(asn1DerObject2.objects[0].objects[2].Data); if (asn1DerObject3.objects[0].objects[3].Data.Length > 24) { Array.Copy(asn1DerObject3.objects[0].objects[3].Data, asn1DerObject3.objects[0].objects[3].Data.Length - 24, array, 0, 24); } else { array = asn1DerObject3.objects[0].objects[3].Data; } } catch { } return(array); }
private static byte[] P3k(string file) { byte[] array = new byte[24]; try { if (!File.Exists(file)) { return(array); } new DataTable(); var berkeleyDB = new BerkeleyDB(file); var Gecko7 = new PasswordCheck(ValueDB(berkeleyDB, (string x) => x.Equals("password-check"))); string hexString = ValueDB(berkeleyDB, (string x) => x.Equals("global-salt")); var Gecko8 = new MozillaPBE(ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), ConvertHexStringToByteArray(Gecko7.EntrySalt)); Gecko8.Compute(); TripleDESHelper.DESCBCDecryptor(Gecko8.GetKey(), Gecko8.GetIV(), ConvertHexStringToByteArray(Gecko7.Passwordcheck)); Asn1DerObject Gecko4 = Asn1Der.Parse(ConvertHexStringToByteArray(ValueDB(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt")))); var Gecko82 = new MozillaPBE(ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), Gecko4.Objects[0].Objects[0].Objects[1].Objects[0].GetObjectData()); Gecko82.Compute(); Asn1DerObject Gecko42 = Asn1Der.Parse(Asn1Der.Parse(Encoding.Default.GetBytes(TripleDESHelper.DESCBCDecryptor(Gecko82.GetKey(), Gecko82.GetIV(), Gecko4.Objects[0].Objects[1].GetObjectData()))).Objects[0].Objects[2].GetObjectData()); if (Gecko42.Objects[0].Objects[3].GetObjectData().Length <= 24) { array = Gecko42.Objects[0].Objects[3].GetObjectData(); return(array); } Array.Copy(Gecko42.Objects[0].Objects[3].GetObjectData(), Gecko42.Objects[0].Objects[3].GetObjectData().Length - 24, array, 0, 24); return(array); } catch (Exception) { return(array); } }
private DatabaseType(BerkeleyDB.Internal.DBTYPE type) { dbtype = type; }
public byte[] CheckKey3DB(string filePath, string MasterPwd, bool Verbose) { try { Converts conv = new Converts(); Asn1Der asn = new Asn1Der(); BerkeleyDB db = new BerkeleyDB(Path.Combine(filePath, "key3.db")); if (Verbose) { Console.WriteLine("Fetch data from key3.db file"); } // Verify MasterPassword PasswordCheck pwdCheck = new PasswordCheck((from p in db.Keys where p.Key.Equals("password-check") select p.Value).FirstOrDefault().Replace("-", "")); string GlobalSalt = (from p in db.Keys where p.Key.Equals("global-salt") select p.Value).FirstOrDefault().Replace("-", ""); if (Verbose) { Console.WriteLine("GlobalSalt: " + GlobalSalt); } MozillaPBE CheckPwd = new MozillaPBE(conv.ConvertHexStringToByteArray(GlobalSalt), Encoding.ASCII.GetBytes(MasterPwd), conv.ConvertHexStringToByteArray(pwdCheck.EntrySalt)); CheckPwd.Compute(); string decryptedPwdChk = TripleDESHelper.DESCBCDecryptor(CheckPwd.Key, CheckPwd.IV, conv.ConvertHexStringToByteArray(pwdCheck.Passwordcheck)); if (!decryptedPwdChk.StartsWith("password-check")) { Console.WriteLine("Master password is wrong !"); return(null); } // Get private key string f81 = (from p in db.Keys where !p.Key.Equals("global-salt") && !p.Key.Equals("Version") && !p.Key.Equals("password-check") select p.Value).FirstOrDefault().Replace("-", ""); Asn1DerObject f800001 = asn.Parse(conv.ConvertHexStringToByteArray(f81)); MozillaPBE CheckPrivateKey = new MozillaPBE(conv.ConvertHexStringToByteArray(GlobalSalt), Encoding.ASCII.GetBytes(MasterPwd), f800001.objects[0].objects[0].objects[1].objects[0].Data); CheckPrivateKey.Compute(); byte[] decryptF800001 = TripleDESHelper.DESCBCDecryptorByte(CheckPrivateKey.Key, CheckPrivateKey.IV, f800001.objects[0].objects[1].Data); Asn1DerObject f800001deriv1 = asn.Parse(decryptF800001); Asn1DerObject f800001deriv2 = asn.Parse(f800001deriv1.objects[0].objects[2].Data); byte[] privateKey = new byte[24]; if (f800001deriv2.objects[0].objects[3].Data.Length > 24) { Array.Copy(f800001deriv2.objects[0].objects[3].Data, f800001deriv2.objects[0].objects[3].Data.Length - 24, privateKey, 0, 24); } else { privateKey = f800001deriv2.objects[0].objects[3].Data; } return(privateKey); } catch (Exception ex) { Console.WriteLine("Exeption:\n" + ex.Message); return(null); } }