|
|
@ -10,14 +10,13 @@ import ( |
|
|
|
"encoding/asn1" |
|
|
|
"encoding/asn1" |
|
|
|
"errors" |
|
|
|
"errors" |
|
|
|
|
|
|
|
|
|
|
|
"hack-browser-data/log" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
"golang.org/x/crypto/pbkdf2" |
|
|
|
"golang.org/x/crypto/pbkdf2" |
|
|
|
) |
|
|
|
) |
|
|
|
|
|
|
|
|
|
|
|
var ( |
|
|
|
var ( |
|
|
|
errSecurityKeyIsEmpty = errors.New("input [security find-generic-password -wa 'Chrome'] in terminal") |
|
|
|
errSecurityKeyIsEmpty = errors.New("input [security find-generic-password -wa 'Chrome'] in terminal") |
|
|
|
errDecryptFailed = errors.New("decrypt failed, password is empty") |
|
|
|
errPasswordIsEmpty = errors.New("password is empty") |
|
|
|
|
|
|
|
errDecryptFailed = errors.New("decrypt encrypt value failed") |
|
|
|
errDecodeASN1Failed = errors.New("decode ASN1 data failed") |
|
|
|
errDecodeASN1Failed = errors.New("decode ASN1 data failed") |
|
|
|
errEncryptedLength = errors.New("length of encrypted password less than block size") |
|
|
|
errEncryptedLength = errors.New("length of encrypted password less than block size") |
|
|
|
) |
|
|
|
) |
|
|
@ -44,15 +43,14 @@ func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) { |
|
|
|
return nil, errDecodeASN1Failed |
|
|
|
return nil, errDecodeASN1Failed |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* NSS Struct |
|
|
|
// NssPBE Struct
|
|
|
|
SEQUENCE (2 elem) |
|
|
|
// SEQUENCE (2 elem)
|
|
|
|
SEQUENCE (2 elem) |
|
|
|
// SEQUENCE (2 elem)
|
|
|
|
OBJECT IDENTIFIER |
|
|
|
// OBJECT IDENTIFIER
|
|
|
|
SEQUENCE (2 elem) |
|
|
|
// SEQUENCE (2 elem)
|
|
|
|
OCTET STRING (20 byte) |
|
|
|
// OCTET STRING (20 byte)
|
|
|
|
INTEGER 1 |
|
|
|
// INTEGER 1
|
|
|
|
OCTET STRING (16 byte) |
|
|
|
// OCTET STRING (16 byte)
|
|
|
|
*/ |
|
|
|
|
|
|
|
type NssPBE struct { |
|
|
|
type NssPBE struct { |
|
|
|
NssSequenceA |
|
|
|
NssSequenceA |
|
|
|
Encrypted []byte |
|
|
|
Encrypted []byte |
|
|
@ -69,21 +67,11 @@ type NssSequenceB struct { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) { |
|
|
|
func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) { |
|
|
|
// byte[] GLMP; // GlobalSalt + MasterPassword
|
|
|
|
|
|
|
|
// byte[] HP; // SHA1(GLMP)
|
|
|
|
|
|
|
|
// byte[] HPES; // HP + EntrySalt
|
|
|
|
|
|
|
|
// byte[] CHP; // SHA1(HPES)
|
|
|
|
|
|
|
|
// byte[] PES; // EntrySalt completed to 20 bytes by zero
|
|
|
|
|
|
|
|
// byte[] PESES; // PES + EntrySalt
|
|
|
|
|
|
|
|
// byte[] k1;
|
|
|
|
|
|
|
|
// byte[] tk;
|
|
|
|
|
|
|
|
// byte[] k2;
|
|
|
|
|
|
|
|
// byte[] k; // final value containing key and iv
|
|
|
|
|
|
|
|
glmp := append(globalSalt, masterPwd...) |
|
|
|
glmp := append(globalSalt, masterPwd...) |
|
|
|
hp := sha1.Sum(glmp) |
|
|
|
hp := sha1.Sum(glmp) |
|
|
|
s := append(hp[:], n.EntrySalt...) |
|
|
|
s := append(hp[:], n.EntrySalt...) |
|
|
|
chp := sha1.Sum(s) |
|
|
|
chp := sha1.Sum(s) |
|
|
|
pes := PaddingZero(n.EntrySalt, 20) |
|
|
|
pes := paddingZero(n.EntrySalt, 20) |
|
|
|
tk := hmac.New(sha1.New, chp[:]) |
|
|
|
tk := hmac.New(sha1.New, chp[:]) |
|
|
|
tk.Write(pes) |
|
|
|
tk.Write(pes) |
|
|
|
pes = append(pes, n.EntrySalt...) |
|
|
|
pes = append(pes, n.EntrySalt...) |
|
|
@ -94,28 +82,26 @@ func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) { |
|
|
|
k2.Write(tkPlus) |
|
|
|
k2.Write(tkPlus) |
|
|
|
k := append(k1.Sum(nil), k2.Sum(nil)...) |
|
|
|
k := append(k1.Sum(nil), k2.Sum(nil)...) |
|
|
|
iv := k[len(k)-8:] |
|
|
|
iv := k[len(k)-8:] |
|
|
|
log.Debug("get firefox pbe key and iv success") |
|
|
|
|
|
|
|
return des3Decrypt(k[:24], iv, n.Encrypted) |
|
|
|
return des3Decrypt(k[:24], iv, n.Encrypted) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* META Struct |
|
|
|
// MetaPBE Struct
|
|
|
|
SEQUENCE (2 elem) |
|
|
|
// SEQUENCE (2 elem)
|
|
|
|
SEQUENCE (2 elem) |
|
|
|
// SEQUENCE (2 elem)
|
|
|
|
OBJECT IDENTIFIER |
|
|
|
// OBJECT IDENTIFIER
|
|
|
|
SEQUENCE (2 elem) |
|
|
|
// SEQUENCE (2 elem)
|
|
|
|
SEQUENCE (2 elem) |
|
|
|
// SEQUENCE (2 elem)
|
|
|
|
OBJECT IDENTIFIER |
|
|
|
// OBJECT IDENTIFIER
|
|
|
|
SEQUENCE (4 elem) |
|
|
|
// SEQUENCE (4 elem)
|
|
|
|
OCTET STRING (32 byte) |
|
|
|
// OCTET STRING (32 byte)
|
|
|
|
INTEGER 1 |
|
|
|
// INTEGER 1
|
|
|
|
INTEGER 32 |
|
|
|
// INTEGER 32
|
|
|
|
SEQUENCE (1 elem) |
|
|
|
// SEQUENCE (1 elem)
|
|
|
|
OBJECT IDENTIFIER |
|
|
|
// OBJECT IDENTIFIER
|
|
|
|
SEQUENCE (2 elem) |
|
|
|
// SEQUENCE (2 elem)
|
|
|
|
OBJECT IDENTIFIER |
|
|
|
// OBJECT IDENTIFIER
|
|
|
|
OCTET STRING (14 byte) |
|
|
|
// OCTET STRING (14 byte)
|
|
|
|
OCTET STRING (16 byte) |
|
|
|
// OCTET STRING (16 byte)
|
|
|
|
*/ |
|
|
|
|
|
|
|
type MetaPBE struct { |
|
|
|
type MetaPBE struct { |
|
|
|
MetaSequenceA |
|
|
|
MetaSequenceA |
|
|
|
Encrypted []byte |
|
|
|
Encrypted []byte |
|
|
@ -158,6 +144,28 @@ func (m MetaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error) |
|
|
|
return aes128CBCDecrypt(key, iv, m.Encrypted) |
|
|
|
return aes128CBCDecrypt(key, iv, m.Encrypted) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// LoginPBE Struct
|
|
|
|
|
|
|
|
// SEQUENCE (3 elem)
|
|
|
|
|
|
|
|
// OCTET STRING (16 byte)
|
|
|
|
|
|
|
|
// SEQUENCE (2 elem)
|
|
|
|
|
|
|
|
// OBJECT IDENTIFIER
|
|
|
|
|
|
|
|
// OCTET STRING (8 byte)
|
|
|
|
|
|
|
|
// OCTET STRING (16 byte)
|
|
|
|
|
|
|
|
type LoginPBE struct { |
|
|
|
|
|
|
|
CipherText []byte |
|
|
|
|
|
|
|
LoginSequence |
|
|
|
|
|
|
|
Encrypted []byte |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
type LoginSequence struct { |
|
|
|
|
|
|
|
asn1.ObjectIdentifier |
|
|
|
|
|
|
|
IV []byte |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func (l LoginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) { |
|
|
|
|
|
|
|
return des3Decrypt(globalSalt, l.IV, l.Encrypted) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) { |
|
|
|
func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) { |
|
|
|
block, err := aes.NewCipher(key) |
|
|
|
block, err := aes.NewCipher(key) |
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
@ -185,7 +193,6 @@ func PKCS5UnPadding(src []byte) []byte { |
|
|
|
func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) { |
|
|
|
func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) { |
|
|
|
block, err := des.NewTripleDESCipher(key) |
|
|
|
block, err := des.NewTripleDESCipher(key) |
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
|
log.Error(err) |
|
|
|
|
|
|
|
return nil, err |
|
|
|
return nil, err |
|
|
|
} |
|
|
|
} |
|
|
|
blockMode := cipher.NewCBCDecrypter(block, iv) |
|
|
|
blockMode := cipher.NewCBCDecrypter(block, iv) |
|
|
@ -194,7 +201,7 @@ func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) { |
|
|
|
return sq, nil |
|
|
|
return sq, nil |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func PaddingZero(s []byte, l int) []byte { |
|
|
|
func paddingZero(s []byte, l int) []byte { |
|
|
|
h := l - len(s) |
|
|
|
h := l - len(s) |
|
|
|
if h <= 0 { |
|
|
|
if h <= 0 { |
|
|
|
return s |
|
|
|
return s |
|
|
@ -205,26 +212,3 @@ func PaddingZero(s []byte, l int) []byte { |
|
|
|
return s |
|
|
|
return s |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
/* Login Struct |
|
|
|
|
|
|
|
SEQUENCE (3 elem) |
|
|
|
|
|
|
|
OCTET STRING (16 byte) |
|
|
|
|
|
|
|
SEQUENCE (2 elem) |
|
|
|
|
|
|
|
OBJECT IDENTIFIER |
|
|
|
|
|
|
|
OCTET STRING (8 byte) |
|
|
|
|
|
|
|
OCTET STRING (16 byte) |
|
|
|
|
|
|
|
*/ |
|
|
|
|
|
|
|
type LoginPBE struct { |
|
|
|
|
|
|
|
CipherText []byte |
|
|
|
|
|
|
|
LoginSequence |
|
|
|
|
|
|
|
Encrypted []byte |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
type LoginSequence struct { |
|
|
|
|
|
|
|
asn1.ObjectIdentifier |
|
|
|
|
|
|
|
IV []byte |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func (l LoginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) { |
|
|
|
|
|
|
|
return des3Decrypt(globalSalt, l.IV, l.Encrypted) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|