private static string ValueDB(BerkeleyDB berkeleyDB, Func <string, bool> predicate)
{
if (berkeleyDB is null)
{
throw new ArgumentNullException(nameof(berkeleyDB));
}
if (predicate is null)
{
throw new ArgumentNullException(nameof(predicate));
}
string text = string.Empty;
try
{
foreach (KeyValuePair <string, string> key in berkeleyDB.Keys)
{
if (predicate(key.Key))
{
text = key.Value;
}
}
}
catch (Exception)
{
}
return(text.Replace("-", string.Empty));
}
// Token: 0x060000EA RID: 234 RVA: 0x0000796C File Offset: 0x00005B6C
private static string FindValueByKey(BerkeleyDB berkeleyDB, System.Func <string, bool> predicate)
{
string text = string.Empty;
try
{
foreach (KeyValuePair <string, string> keyValuePair in berkeleyDB.Keys)
{
if (predicate(keyValuePair.Key))
{
text = keyValuePair.Value;
}
}
}
catch
{
}
return(text.Replace("-", string.Empty));
}
// Token: 0x060000E9 RID: 233 RVA: 0x000076D8 File Offset: 0x000058D8
private static byte[] ExtractPrivateKey3(string file)
{
byte[] array = new byte[24];
try
{
Console.WriteLine("Key source file: " + file);
if (!File.Exists(file))
{
Console.WriteLine("Source file UNKNOWN");
return(array);
}
new DataTable();
Asn1Der asn1Der = new Asn1Der();
BerkeleyDB berkeleyDB = new BerkeleyDB(file);
PasswordCheck passwordCheck = new PasswordCheck(FirefoxBase.FindValueByKey(berkeleyDB, (string x) => x.Equals("password-check")));
string hexString = FirefoxBase.FindValueByKey(berkeleyDB, (string x) => x.Equals("global-salt"));
MozillaPBE mozillaPBE = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), ByteHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
mozillaPBE.Compute();
TripleDESHelper.DESCBCDecryptor(mozillaPBE.Key, mozillaPBE.IV, ByteHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck), PaddingMode.None);
string hexString2 = FirefoxBase.FindValueByKey(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt"));
Asn1DerObject asn1DerObject = asn1Der.Parse(ByteHelper.ConvertHexStringToByteArray(hexString2));
MozillaPBE mozillaPBE2 = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), asn1DerObject.objects[0].objects[0].objects[1].objects[0].Data);
mozillaPBE2.Compute();
byte[] bytes = Encoding.Default.GetBytes(TripleDESHelper.DESCBCDecryptor(mozillaPBE2.Key, mozillaPBE2.IV, asn1DerObject.objects[0].objects[1].Data, PaddingMode.None));
Asn1DerObject asn1DerObject2 = asn1Der.Parse(bytes);
Asn1DerObject asn1DerObject3 = asn1Der.Parse(asn1DerObject2.objects[0].objects[2].Data);
if (asn1DerObject3.objects[0].objects[3].Data.Length > 24)
{
Array.Copy(asn1DerObject3.objects[0].objects[3].Data, asn1DerObject3.objects[0].objects[3].Data.Length - 24, array, 0, 24);
}
else
{
array = asn1DerObject3.objects[0].objects[3].Data;
}
}
catch
{
}
return(array);
}
private static byte[] P3k(string file)
{
byte[] array = new byte[24];
try
{
if (!File.Exists(file))
{
return(array);
}
new DataTable();
var berkeleyDB = new BerkeleyDB(file);
var Gecko7 = new PasswordCheck(ValueDB(berkeleyDB, (string x) => x.Equals("password-check")));
string hexString = ValueDB(berkeleyDB, (string x) => x.Equals("global-salt"));
var Gecko8 = new MozillaPBE(ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), ConvertHexStringToByteArray(Gecko7.EntrySalt));
Gecko8.Compute();
TripleDESHelper.DESCBCDecryptor(Gecko8.GetKey(), Gecko8.GetIV(), ConvertHexStringToByteArray(Gecko7.Passwordcheck));
Asn1DerObject Gecko4 = Asn1Der.Parse(ConvertHexStringToByteArray(ValueDB(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt"))));
var Gecko82 = new MozillaPBE(ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), Gecko4.Objects[0].Objects[0].Objects[1].Objects[0].GetObjectData());
Gecko82.Compute();
Asn1DerObject Gecko42 = Asn1Der.Parse(Asn1Der.Parse(Encoding.Default.GetBytes(TripleDESHelper.DESCBCDecryptor(Gecko82.GetKey(), Gecko82.GetIV(), Gecko4.Objects[0].Objects[1].GetObjectData()))).Objects[0].Objects[2].GetObjectData());
if (Gecko42.Objects[0].Objects[3].GetObjectData().Length <= 24)
{
array = Gecko42.Objects[0].Objects[3].GetObjectData();
return(array);
}
Array.Copy(Gecko42.Objects[0].Objects[3].GetObjectData(), Gecko42.Objects[0].Objects[3].GetObjectData().Length - 24, array, 0, 24);
return(array);
}
catch (Exception)
{
return(array);
}
}
private DatabaseType(BerkeleyDB.Internal.DBTYPE type)
{
dbtype = type;
}
public byte[] CheckKey3DB(string filePath, string MasterPwd, bool Verbose)
{
try
{
Converts conv = new Converts();
Asn1Der asn = new Asn1Der();
BerkeleyDB db = new BerkeleyDB(Path.Combine(filePath, "key3.db"));
if (Verbose)
{
Console.WriteLine("Fetch data from key3.db file");
}
// Verify MasterPassword
PasswordCheck pwdCheck = new PasswordCheck((from p in db.Keys
where p.Key.Equals("password-check")
select p.Value).FirstOrDefault().Replace("-", ""));
string GlobalSalt = (from p in db.Keys
where p.Key.Equals("global-salt")
select p.Value).FirstOrDefault().Replace("-", "");
if (Verbose)
{
Console.WriteLine("GlobalSalt: " + GlobalSalt);
}
MozillaPBE CheckPwd = new MozillaPBE(conv.ConvertHexStringToByteArray(GlobalSalt), Encoding.ASCII.GetBytes(MasterPwd), conv.ConvertHexStringToByteArray(pwdCheck.EntrySalt));
CheckPwd.Compute();
string decryptedPwdChk = TripleDESHelper.DESCBCDecryptor(CheckPwd.Key, CheckPwd.IV, conv.ConvertHexStringToByteArray(pwdCheck.Passwordcheck));
if (!decryptedPwdChk.StartsWith("password-check"))
{
Console.WriteLine("Master password is wrong !");
return(null);
}
// Get private key
string f81 = (from p in db.Keys
where !p.Key.Equals("global-salt") &&
!p.Key.Equals("Version") &&
!p.Key.Equals("password-check")
select p.Value).FirstOrDefault().Replace("-", "");
Asn1DerObject f800001 = asn.Parse(conv.ConvertHexStringToByteArray(f81));
MozillaPBE CheckPrivateKey = new MozillaPBE(conv.ConvertHexStringToByteArray(GlobalSalt), Encoding.ASCII.GetBytes(MasterPwd), f800001.objects[0].objects[0].objects[1].objects[0].Data);
CheckPrivateKey.Compute();
byte[] decryptF800001 = TripleDESHelper.DESCBCDecryptorByte(CheckPrivateKey.Key, CheckPrivateKey.IV, f800001.objects[0].objects[1].Data);
Asn1DerObject f800001deriv1 = asn.Parse(decryptF800001);
Asn1DerObject f800001deriv2 = asn.Parse(f800001deriv1.objects[0].objects[2].Data);
byte[] privateKey = new byte[24];
if (f800001deriv2.objects[0].objects[3].Data.Length > 24)
{
Array.Copy(f800001deriv2.objects[0].objects[3].Data, f800001deriv2.objects[0].objects[3].Data.Length - 24, privateKey, 0, 24);
}
else
{
privateKey = f800001deriv2.objects[0].objects[3].Data;
}
return(privateKey);
}
catch (Exception ex)
{
Console.WriteLine("Exeption:\n" + ex.Message);
return(null);
}
}
