public List <LoginFieldS> FetchPassword() { try { byte[] privateKey = new byte[24]; bool loginsFound = false, signonsFound = false; string signonsFile = string.Empty, loginsFile = string.Empty;; ErrorHandle eh = new ErrorHandle(); string MasterPwd = string.Empty; string filePath = string.Empty; Converts conv = new Converts(); // Read berkeleydb DataTable dt = new DataTable(); Asn1Der asn = new Asn1Der(); List <LoginFieldS> lp = new List <LoginFieldS>(); var ffPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), "Mozilla\\Firefox\\Profiles"); if (!Directory.Exists(ffPath)) { return(lp); } var dirs = Directory.GetDirectories(ffPath); foreach (string dir in dirs) { try { string[] files = Directory.GetFiles(dir, "signons.sqlite"); if (files.Length > 0) { filePath = dir; signonsFile = files[0]; signonsFound = true; } // find logins.json file files = Directory.GetFiles(dir, "logins.json"); if (files.Length > 0) { filePath = dir; loginsFile = files[0]; loginsFound = true; } if (!loginsFound && !signonsFound) { eh.ErrorFunc("File signons & logins not found."); continue; } if (filePath == string.Empty) { eh.ErrorFunc("Mozilla not found."); continue; } // Check if files exists if (!File.Exists(Path.Combine(filePath, "key3.db"))) { privateKey = CheckKey4DB(dir, MasterPwd); } else { privateKey = CheckKey3DB(dir, MasterPwd); } if (privateKey == null || privateKey.Length == 0) { eh.ErrorFunc("Private key return null"); continue; } // decrypt username and password FFLogins ffLoginData; DataBase dbLocal = new DataBase(); if (signonsFound) { using (SQLiteConnection cnn = new SQLiteConnection("Data Source=" + Path.Combine(filePath, "signons.sqlite"))) { cnn.Open(); SQLiteCommand mycommand = new SQLiteCommand(cnn); mycommand.CommandText = "select hostname, encryptedUsername, encryptedPassword, guid, encType from moz_logins;"; SQLiteDataReader reader = mycommand.ExecuteReader(); dt.Load(reader); } foreach (DataRow row in dt.Rows) { try { Asn1DerObject user = asn.Parse(Convert.FromBase64String(row["encryptedUsername"].ToString())); Asn1DerObject pwd = asn.Parse(Convert.FromBase64String(row["encryptedPassword"].ToString())); string hostname = row["hostname"].ToString(); string decryptedUser = TripleDESHelper.DESCBCDecryptor(privateKey, user.objects[0].objects[1].objects[1].Data, user.objects[0].objects[2].Data); string decryptedPwd = TripleDESHelper.DESCBCDecryptor(privateKey, pwd.objects[0].objects[1].objects[1].Data, pwd.objects[0].objects[2].Data); string username = Regex.Replace(decryptedUser, @"[^\u0020-\u007F]", "").GetUTF8String(64); string password = Regex.Replace(decryptedPwd, @"[^\u0020-\u007F]", "").GetUTF8String(64); string title = HIOStaticValues.getTitleNameURI(hostname).GetUTF8String(64); string url = HIOStaticValues.getDomainNameURI(hostname).GetUTF8String(256); if (dbLocal.getInfoFromDB(url, username, "").Count == 0) { lp.Add(new LoginFieldS { url = url, userName = username, password = password, title = title }); } } catch (Exception ex) { continue; } } } if (loginsFound) { using (StreamReader sr = new StreamReader(Path.Combine(filePath, "logins.json"))) { string json = sr.ReadToEnd(); ffLoginData = JsonConvert.DeserializeObject <FFLogins>(json); } foreach (LoginData loginData in ffLoginData.logins) { try { Asn1DerObject user = asn.Parse(Convert.FromBase64String(loginData.encryptedUsername)); Asn1DerObject pwd = asn.Parse(Convert.FromBase64String(loginData.encryptedPassword)); string hostname = loginData.hostname; string decryptedUser = TripleDESHelper.DESCBCDecryptor(privateKey, user.objects[0].objects[1].objects[1].Data, user.objects[0].objects[2].Data); string decryptedPwd = TripleDESHelper.DESCBCDecryptor(privateKey, pwd.objects[0].objects[1].objects[1].Data, pwd.objects[0].objects[2].Data); string username = Regex.Replace(decryptedUser, @"[^\u0020-\u007F]", "").GetUTF8String(64); string password = Regex.Replace(decryptedPwd, @"[^\u0020-\u007F]", "").GetUTF8String(64); string title = HIOStaticValues.getTitleNameURI(hostname).GetUTF8String(64); string url = HIOStaticValues.getDomainNameURI(hostname).GetUTF8String(256); if (dbLocal.getInfoFromDB(url, username, "").Count == 0) { lp.Add(new LoginFieldS { url = url, userName = username, password = password, title = title }); } } catch (Exception ex) { continue; } } } } catch (Exception ex) { continue; } } return(lp); } catch (Exception ex) { throw ex; } }