Hardware-Hacking/HackBrowserData
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: modify firefox asn1 data struct

Browse Source
This commit is contained in:
ᴍᴏᴏɴD4ʀᴋ
2022-04-20 02:14:18 +08:00
parent 8c2f72ccb6
commit 4fe335c270
7 changed files with 69 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/browingdata/cookie/cookie.go
+1 -1
View File
@@ -75,7 +75,7 @@ func (c *ChromiumCookie) Parse(masterKey []byte) error {
if masterKey == nil { if masterKey == nil {
value, err = decrypter.DPApi(encryptValue) value, err = decrypter.DPApi(encryptValue)
} else { } else {
value, err = decrypter.ChromePass(masterKey, encryptValue) value, err = decrypter.Chromium(masterKey, encryptValue)
} }
if err != nil { if err != nil {
log.Error(err) log.Error(err)
internal/browingdata/creditcard/creditcard.go
+2 -2
View File
@@ -61,7 +61,7 @@ func (c *ChromiumCreditCard) Parse(masterKey []byte) error {
return err return err
} }
} else { } else {
value, err = decrypter.ChromePass(masterKey, encryptValue) value, err = decrypter.Chromium(masterKey, encryptValue)
if err != nil { if err != nil {
return err return err
} }
@@ -112,7 +112,7 @@ func (c *YandexCreditCard) Parse(masterKey []byte) error {
return err return err
} }
} else { } else {
value, err = decrypter.ChromePassForYandex(masterKey, encryptValue) value, err = decrypter.Chromium(masterKey, encryptValue)
if err != nil { if err != nil {
return err return err
} }
internal/browingdata/password/password.go
+2 -2
View File
@@ -65,7 +65,7 @@ func (c *ChromiumPassword) Parse(masterKey []byte) error {
if masterKey == nil { if masterKey == nil {
password, err = decrypter.DPApi(pwd) password, err = decrypter.DPApi(pwd)
} else { } else {
password, err = decrypter.ChromePass(masterKey, pwd) password, err = decrypter.Chromium(masterKey, pwd)
} }
if err != nil { if err != nil {
log.Error(err) log.Error(err)
@@ -129,7 +129,7 @@ func (c *YandexPassword) Parse(masterKey []byte) error {
if masterKey == nil { if masterKey == nil {
password, err = decrypter.DPApi(pwd) password, err = decrypter.DPApi(pwd)
} else { } else {
password, err = decrypter.ChromePassForYandex(masterKey, pwd) password, err = decrypter.Chromium(masterKey, pwd)
} }
if err != nil { if err != nil {
log.Errorf("decrypt yandex password error %s", err) log.Errorf("decrypt yandex password error %s", err)
internal/decrypter/decrypter.go
+60 -55
View File
@@ -27,9 +27,9 @@ type ASN1PBE interface {
func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) { func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) {
var ( var (
n NssPBE n nssPBE
m MetaPBE m metaPBE
l LoginPBE l loginPBE
) )
if _, err := asn1.Unmarshal(b, &n); err == nil { if _, err := asn1.Unmarshal(b, &n); err == nil {
return n, nil return n, nil
@@ -43,7 +43,7 @@ func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) {
return nil, errDecodeASN1Failed return nil, errDecodeASN1Failed
} }
// NssPBE Struct // nssPBE Struct
// SEQUENCE (2 elem) // SEQUENCE (2 elem)
// SEQUENCE (2 elem) // SEQUENCE (2 elem)
// OBJECT IDENTIFIER // OBJECT IDENTIFIER
@@ -51,33 +51,33 @@ func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) {
// OCTET STRING (20 byte) // OCTET STRING (20 byte)
// INTEGER 1 // INTEGER 1
// OCTET STRING (16 byte) // OCTET STRING (16 byte)
type NssPBE struct { type nssPBE struct {
NssSequenceA AlgoAttr struct {
asn1.ObjectIdentifier
SaltAttr struct {
EntrySalt []byte
Len int
}
}
Encrypted []byte Encrypted []byte
} }
type NssSequenceA struct { func (n nssPBE) entrySalt() []byte {
DecryptMethod asn1.ObjectIdentifier return n.AlgoAttr.SaltAttr.EntrySalt
NssSequenceB
} }
type NssSequenceB struct { func (n nssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
EntrySalt []byte
Len int
}
func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
glmp := append(globalSalt, masterPwd...) glmp := append(globalSalt, masterPwd...)
hp := sha1.Sum(glmp) hp := sha1.Sum(glmp)
s := append(hp[:], n.EntrySalt...) s := append(hp[:], n.entrySalt()...)
chp := sha1.Sum(s) chp := sha1.Sum(s)
pes := paddingZero(n.EntrySalt, 20) pes := paddingZero(n.entrySalt(), 20)
tk := hmac.New(sha1.New, chp[:]) tk := hmac.New(sha1.New, chp[:])
tk.Write(pes) tk.Write(pes)
pes = append(pes, n.EntrySalt...) pes = append(pes, n.entrySalt()...)
k1 := hmac.New(sha1.New, chp[:]) k1 := hmac.New(sha1.New, chp[:])
k1.Write(pes) k1.Write(pes)
tkPlus := append(tk.Sum(nil), n.EntrySalt...) tkPlus := append(tk.Sum(nil), n.entrySalt()...)
k2 := hmac.New(sha1.New, chp[:]) k2 := hmac.New(sha1.New, chp[:])
k2.Write(tkPlus) k2.Write(tkPlus)
k := append(k1.Sum(nil), k2.Sum(nil)...) k := append(k1.Sum(nil), k2.Sum(nil)...)
@@ -102,68 +102,73 @@ func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
// OBJECT IDENTIFIER // OBJECT IDENTIFIER
// OCTET STRING (14 byte) // OCTET STRING (14 byte)
// OCTET STRING (16 byte) // OCTET STRING (16 byte)
type MetaPBE struct { type metaPBE struct {
MetaSequenceA AlgoAttr algoAttr
Encrypted []byte Encrypted []byte
} }
type MetaSequenceA struct { type algoAttr struct {
PKCS5PBES2 asn1.ObjectIdentifier asn1.ObjectIdentifier
MetaSequenceB Data struct {
} Data struct {
type MetaSequenceB struct { asn1.ObjectIdentifier
MetaSequenceC SlatAttr slatAttr
MetaSequenceD }
IVData ivAttr
}
} }
type MetaSequenceC struct { type ivAttr struct {
PKCS5PBKDF2 asn1.ObjectIdentifier asn1.ObjectIdentifier
MetaSequenceE IV []byte
} }
type MetaSequenceD struct { type slatAttr struct {
AES256CBC asn1.ObjectIdentifier
IV []byte
}
type MetaSequenceE struct {
EntrySalt []byte EntrySalt []byte
IterationCount int IterationCount int
KeySize int KeySize int
MetaSequenceF Algorithm struct {
asn1.ObjectIdentifier
}
} }
type MetaSequenceF struct { func (m metaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error) {
HMACWithSHA256 asn1.ObjectIdentifier
}
func (m MetaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error) {
k := sha1.Sum(globalSalt) k := sha1.Sum(globalSalt)
key := pbkdf2.Key(k[:], m.EntrySalt, m.IterationCount, m.KeySize, sha256.New) key := pbkdf2.Key(k[:], m.entrySalt(), m.iterationCount(), m.keySize(), sha256.New)
iv := append([]byte{4, 14}, m.IV...) iv := append([]byte{4, 14}, m.AlgoAttr.Data.IVData.IV...)
return aes128CBCDecrypt(key, iv, m.Encrypted) return aes128CBCDecrypt(key, iv, m.Encrypted)
} }
// LoginPBE Struct func (m metaPBE) entrySalt() []byte {
return m.AlgoAttr.Data.Data.SlatAttr.EntrySalt
}
func (m metaPBE) iterationCount() int {
return m.AlgoAttr.Data.Data.SlatAttr.IterationCount
}
func (m metaPBE) keySize() int {
return m.AlgoAttr.Data.Data.SlatAttr.KeySize
}
// loginPBE Struct
// SEQUENCE (3 elem) // SEQUENCE (3 elem)
// OCTET STRING (16 byte) // OCTET STRING (16 byte)
// SEQUENCE (2 elem) // SEQUENCE (2 elem)
// OBJECT IDENTIFIER // OBJECT IDENTIFIER
// OCTET STRING (8 byte) // OCTET STRING (8 byte)
// OCTET STRING (16 byte) // OCTET STRING (16 byte)
type LoginPBE struct { type loginPBE struct {
CipherText []byte CipherText []byte
LoginSequence Data struct {
asn1.ObjectIdentifier
IV []byte
}
Encrypted []byte Encrypted []byte
} }
type LoginSequence struct { func (l loginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
asn1.ObjectIdentifier return des3Decrypt(globalSalt, l.Data.IV, l.Encrypted)
IV []byte
}
func (l LoginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
return des3Decrypt(globalSalt, l.IV, l.Encrypted)
} }
func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) { func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) {
internal/decrypter/decrypter_darwin.go
+1 -1
View File
@@ -1,6 +1,6 @@
package decrypter package decrypter
func ChromePass(key, encryptPass []byte) ([]byte, error) { func Chromium(key, encryptPass []byte) ([]byte, error) {
if len(encryptPass) > 3 { if len(encryptPass) > 3 {
if len(key) == 0 { if len(key) == 0 {
return nil, errSecurityKeyIsEmpty return nil, errSecurityKeyIsEmpty
internal/decrypter/decrypter_linux.go
+1 -1
View File
@@ -1,6 +1,6 @@
package decrypter package decrypter
func ChromePass(key, encryptPass []byte) ([]byte, error) { func Chromium(key, encryptPass []byte) ([]byte, error) {
var chromeIV = []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32} var chromeIV = []byte{32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32}
if len(encryptPass) > 3 { if len(encryptPass) > 3 {
if len(key) == 0 { if len(key) == 0 {
internal/decrypter/decrypter_windows.go
+2 -2
View File
@@ -7,7 +7,7 @@ import (
"unsafe" "unsafe"
) )
func ChromePass(key, encryptPass []byte) ([]byte, error) { func Chromium(key, encryptPass []byte) ([]byte, error) {
if len(encryptPass) > 15 { if len(encryptPass) > 15 {
// remove Prefix 'v10' // remove Prefix 'v10'
return aesGCMDecrypt(encryptPass[15:], key, encryptPass[3:15]) return aesGCMDecrypt(encryptPass[15:], key, encryptPass[3:15])
@@ -16,7 +16,7 @@ func ChromePass(key, encryptPass []byte) ([]byte, error) {
} }
} }
func ChromePassForYandex(key, encryptPass []byte) ([]byte, error) { func ChromiumForYandex(key, encryptPass []byte) ([]byte, error) {
if len(encryptPass) > 15 { if len(encryptPass) > 15 {
// remove Prefix 'v10' // remove Prefix 'v10'
// gcmBlockSize = 16 // gcmBlockSize = 16