k
/
HackBrowserData
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
188 Commits
4 Branches
33 Tags
11 MiB
 
Tag: Branch: Tree: 6e05315ac6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6e05315ac6'
${ noResults }
HackBrowserData/internal/decrypter/decrypter.go

214 lines
4.6 KiB
Raw Blame History

package decrypter
import (
"crypto/aes"
"crypto/cipher"
"crypto/des"
"crypto/hmac"
"crypto/sha1"
"crypto/sha256"
"encoding/asn1"
"errors"
"golang.org/x/crypto/pbkdf2"
)
var (
errSecurityKeyIsEmpty = errors.New("input [security find-generic-password -wa 'Chrome'] in terminal")
errPasswordIsEmpty = errors.New("password is empty")
errDecryptFailed = errors.New("decrypter encrypt value failed")
errDecodeASN1Failed = errors.New("decode ASN1 data failed")
errEncryptedLength = errors.New("length of encrypted password less than block size")
)
type ASN1PBE interface {
Decrypt(globalSalt, masterPwd []byte) (key []byte, err error)
}
func NewASN1PBE(b []byte) (pbe ASN1PBE, err error) {
var (
n NssPBE
m MetaPBE
l LoginPBE
)
if _, err := asn1.Unmarshal(b, &n); err == nil {
return n, nil
}
if _, err := asn1.Unmarshal(b, &m); err == nil {
return m, nil
}
if _, err := asn1.Unmarshal(b, &l); err == nil {
return l, nil
}
return nil, errDecodeASN1Failed
}
// NssPBE Struct
// SEQUENCE (2 elem)
// SEQUENCE (2 elem)
// OBJECT IDENTIFIER
// SEQUENCE (2 elem)
// OCTET STRING (20 byte)
// INTEGER 1
// OCTET STRING (16 byte)
type NssPBE struct {
NssSequenceA
Encrypted []byte
}
type NssSequenceA struct {
DecryptMethod asn1.ObjectIdentifier
NssSequenceB
}
type NssSequenceB struct {
EntrySalt []byte
Len int
}
func (n NssPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
glmp := append(globalSalt, masterPwd...)
hp := sha1.Sum(glmp)
s := append(hp[:], n.EntrySalt...)
chp := sha1.Sum(s)
pes := paddingZero(n.EntrySalt, 20)
tk := hmac.New(sha1.New, chp[:])
tk.Write(pes)
pes = append(pes, n.EntrySalt...)
k1 := hmac.New(sha1.New, chp[:])
k1.Write(pes)
tkPlus := append(tk.Sum(nil), n.EntrySalt...)
k2 := hmac.New(sha1.New, chp[:])
k2.Write(tkPlus)
k := append(k1.Sum(nil), k2.Sum(nil)...)
iv := k[len(k)-8:]
return des3Decrypt(k[:24], iv, n.Encrypted)
}
// MetaPBE Struct
// SEQUENCE (2 elem)
// SEQUENCE (2 elem)
// OBJECT IDENTIFIER
// SEQUENCE (2 elem)
// SEQUENCE (2 elem)
// OBJECT IDENTIFIER
// SEQUENCE (4 elem)
// OCTET STRING (32 byte)
// INTEGER 1
// INTEGER 32
// SEQUENCE (1 elem)
// OBJECT IDENTIFIER
// SEQUENCE (2 elem)
// OBJECT IDENTIFIER
// OCTET STRING (14 byte)
// OCTET STRING (16 byte)
type MetaPBE struct {
MetaSequenceA
Encrypted []byte
}
type MetaSequenceA struct {
PKCS5PBES2 asn1.ObjectIdentifier
MetaSequenceB
}
type MetaSequenceB struct {
MetaSequenceC
MetaSequenceD
}
type MetaSequenceC struct {
PKCS5PBKDF2 asn1.ObjectIdentifier
MetaSequenceE
}
type MetaSequenceD struct {
AES256CBC asn1.ObjectIdentifier
IV []byte
}
type MetaSequenceE struct {
EntrySalt []byte
IterationCount int
KeySize int
MetaSequenceF
}
type MetaSequenceF struct {
HMACWithSHA256 asn1.ObjectIdentifier
}
func (m MetaPBE) Decrypt(globalSalt, masterPwd []byte) (key2 []byte, err error) {
k := sha1.Sum(globalSalt)
key := pbkdf2.Key(k[:], m.EntrySalt, m.IterationCount, m.KeySize, sha256.New)
iv := append([]byte{4, 14}, m.IV...)
return aes128CBCDecrypt(key, iv, m.Encrypted)
}
// LoginPBE Struct
// SEQUENCE (3 elem)
// OCTET STRING (16 byte)
// SEQUENCE (2 elem)
// OBJECT IDENTIFIER
// OCTET STRING (8 byte)
// OCTET STRING (16 byte)
type LoginPBE struct {
CipherText []byte
LoginSequence
Encrypted []byte
}
type LoginSequence struct {
asn1.ObjectIdentifier
IV []byte
}
func (l LoginPBE) Decrypt(globalSalt, masterPwd []byte) (key []byte, err error) {
return des3Decrypt(globalSalt, l.IV, l.Encrypted)
}
func aes128CBCDecrypt(key, iv, encryptPass []byte) ([]byte, error) {
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
encryptLen := len(encryptPass)
if encryptLen < block.BlockSize() {
return nil, errEncryptedLength
}
dst := make([]byte, encryptLen)
mode := cipher.NewCBCDecrypter(block, iv)
mode.CryptBlocks(dst, encryptPass)
dst = PKCS5UnPadding(dst)
return dst, nil
}
func PKCS5UnPadding(src []byte) []byte {
length := len(src)
unpad := int(src[length-1])
return src[:(length - unpad)]
}
// des3Decrypt use for decrypter firefox PBE
func des3Decrypt(key, iv []byte, src []byte) ([]byte, error) {
block, err := des.NewTripleDESCipher(key)
if err != nil {
return nil, err
}
blockMode := cipher.NewCBCDecrypter(block, iv)
sq := make([]byte, len(src))
blockMode.CryptBlocks(sq, src)
return sq, nil
}
func paddingZero(s []byte, l int) []byte {
h := l - len(s)
if h <= 0 {
return s
} else {
for i := len(s); i < l; i++ {
s = append(s, 0)
}
return s
}
}