public List <LoginFieldS> FetchPassword()
{
try
{
byte[] privateKey = new byte[24];
bool loginsFound = false, signonsFound = false;
string signonsFile = string.Empty, loginsFile = string.Empty;;
ErrorHandle eh = new ErrorHandle();
string MasterPwd = string.Empty;
string filePath = string.Empty;
Converts conv = new Converts();
// Read berkeleydb
DataTable dt = new DataTable();
Asn1Der asn = new Asn1Der();
List <LoginFieldS> lp = new List <LoginFieldS>();
var ffPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), "Mozilla\\Firefox\\Profiles");
if (!Directory.Exists(ffPath))
{
return(lp);
}
var dirs = Directory.GetDirectories(ffPath);
foreach (string dir in dirs)
{
try
{
string[] files = Directory.GetFiles(dir, "signons.sqlite");
if (files.Length > 0)
{
filePath = dir;
signonsFile = files[0];
signonsFound = true;
}
// find logins.json file
files = Directory.GetFiles(dir, "logins.json");
if (files.Length > 0)
{
filePath = dir;
loginsFile = files[0];
loginsFound = true;
}
if (!loginsFound && !signonsFound)
{
eh.ErrorFunc("File signons & logins not found.");
continue;
}
if (filePath == string.Empty)
{
eh.ErrorFunc("Mozilla not found.");
continue;
}
// Check if files exists
if (!File.Exists(Path.Combine(filePath, "key3.db")))
{
privateKey = CheckKey4DB(dir, MasterPwd);
}
else
{
privateKey = CheckKey3DB(dir, MasterPwd);
}
if (privateKey == null || privateKey.Length == 0)
{
eh.ErrorFunc("Private key return null");
continue;
}
// decrypt username and password
FFLogins ffLoginData;
DataBase dbLocal = new DataBase();
if (signonsFound)
{
using (SQLiteConnection cnn = new SQLiteConnection("Data Source=" + Path.Combine(filePath, "signons.sqlite")))
{
cnn.Open();
SQLiteCommand mycommand = new SQLiteCommand(cnn);
mycommand.CommandText = "select hostname, encryptedUsername, encryptedPassword, guid, encType from moz_logins;";
SQLiteDataReader reader = mycommand.ExecuteReader();
dt.Load(reader);
}
foreach (DataRow row in dt.Rows)
{
try
{
Asn1DerObject user = asn.Parse(Convert.FromBase64String(row["encryptedUsername"].ToString()));
Asn1DerObject pwd = asn.Parse(Convert.FromBase64String(row["encryptedPassword"].ToString()));
string hostname = row["hostname"].ToString();
string decryptedUser = TripleDESHelper.DESCBCDecryptor(privateKey, user.objects[0].objects[1].objects[1].Data, user.objects[0].objects[2].Data);
string decryptedPwd = TripleDESHelper.DESCBCDecryptor(privateKey, pwd.objects[0].objects[1].objects[1].Data, pwd.objects[0].objects[2].Data);
string username = Regex.Replace(decryptedUser, @"[^\u0020-\u007F]", "").GetUTF8String(64);
string password = Regex.Replace(decryptedPwd, @"[^\u0020-\u007F]", "").GetUTF8String(64);
string title = HIOStaticValues.getTitleNameURI(hostname).GetUTF8String(64);
string url = HIOStaticValues.getDomainNameURI(hostname).GetUTF8String(256);
if (dbLocal.getInfoFromDB(url, username, "").Count == 0)
{
lp.Add(new LoginFieldS {
url = url, userName = username, password = password, title = title
});
}
}
catch (Exception ex)
{
continue;
}
}
}
if (loginsFound)
{
using (StreamReader sr = new StreamReader(Path.Combine(filePath, "logins.json")))
{
string json = sr.ReadToEnd();
ffLoginData = JsonConvert.DeserializeObject <FFLogins>(json);
}
foreach (LoginData loginData in ffLoginData.logins)
{
try
{
Asn1DerObject user = asn.Parse(Convert.FromBase64String(loginData.encryptedUsername));
Asn1DerObject pwd = asn.Parse(Convert.FromBase64String(loginData.encryptedPassword));
string hostname = loginData.hostname;
string decryptedUser = TripleDESHelper.DESCBCDecryptor(privateKey, user.objects[0].objects[1].objects[1].Data, user.objects[0].objects[2].Data);
string decryptedPwd = TripleDESHelper.DESCBCDecryptor(privateKey, pwd.objects[0].objects[1].objects[1].Data, pwd.objects[0].objects[2].Data);
string username = Regex.Replace(decryptedUser, @"[^\u0020-\u007F]", "").GetUTF8String(64);
string password = Regex.Replace(decryptedPwd, @"[^\u0020-\u007F]", "").GetUTF8String(64);
string title = HIOStaticValues.getTitleNameURI(hostname).GetUTF8String(64);
string url = HIOStaticValues.getDomainNameURI(hostname).GetUTF8String(256);
if (dbLocal.getInfoFromDB(url, username, "").Count == 0)
{
lp.Add(new LoginFieldS {
url = url, userName = username, password = password, title = title
});
}
}
catch (Exception ex)
{
continue;
}
}
}
}
catch (Exception ex) {
continue;
}
}
return(lp);
}
catch (Exception ex)
{
throw ex;
}
}