Added IE7-9 registry passwords support

TODO.md

@@ -4,11 +4,10 @@
 - [ ] Add MAC OSX Support
 - [ ] Add FileZilla support
 - [ ] Add Opera support
-- [ ] Add Internet Explorer V7-9 support (really long / + hard is it really necessary ?) 
 - [ ] Create the README file
-- [ ] Handle Windows arguments parsing
-- [ ] Make clean Makefile (cMake ?)
+- [ ] Make clean Makefile (use cmake ?)
 - [ ] Refactor functions (parameter names, ...)
+- [x] Add Internet Explorer V7-9 support 
 - [x] Add Argument Parsing for Windows
 - [x] Add Microsoft Edge - IE10 support
 - [x] Handle empty entries (only website entries / nothing)
@@ -31,15 +30,15 @@
 - [x] Handle cipher text  padding
 
 ## For Firefox
-- [ ] Choose the profile we want
+- [ ] Choose the profile we want (or try for every profile)
 - [x] Add Windows compatibility
 - [x] Split main function
 - [x] Enhance code
 - [x] Add Master Password option
 
 ## For Internet Explorer / MSEdge
-- [ ] Test Vault for Windows 7
 - [ ] Fix output_file problem
-- [ ] Add IE7-IE9 Support
 - [ ] Add IE11 Support
 - [ ] Add IE6- Support ?
+- [x] Add IE7-IE9 Support
+- [x] Test Vault for Windows 7

includes/chrome.h

@@ -6,10 +6,10 @@
 #define KEY_LENGTH 16
 #define SECRET_QUERY_SIZE 30
 
-int dump_chrome(int verbose, char *output_file);
+int dump_chrome(int verbose, const char *output_file);
 int prepare_sqlite_statement(char *login_data_path, sqlite3 **db, sqlite3_stmt **stmt);
 int fetch_sqlite_data(char **website, char **username, char **cipher_password, int *len_cipher_password, sqlite3_stmt **stmt);
-int get_chrome_creds(char *login_data_path, char *output); 
+int get_chrome_creds(char *login_data_path, const char *output); 
 int get_masterkey(char *login_data_path, char **masterkey);
 int decrypt_chrome_cipher(char *cipher_password, int len_cipher_password, char **plaintext_password, char *masterkey);
 int load_chrome_paths(char *chrome_path, char *chrome_login_data_path, char *chromium_path, char *chromium_login_data_path);

includes/chrome_linux.h

@@ -3,7 +3,7 @@
 
 const SecretSchema *get_chrome_like_schema(void);
 int get_gnome_masterkey(char *login_data_path, char **masterkey); 
-int aes_decrypt(EVP_CIPHER_CTX *ctx, char *cipher_password, int len_cipher_password, char **plaintext_password, char *iv, char *output_key);
+int aes_decrypt(EVP_CIPHER_CTX *ctx, char *cipher_password, int len_cipher_password, char **plaintext_password, char *iv, unsigned char *output_key);
 int decrypt_gnome_cipher(char *cipher_password, int len_cipher_password, char **plaintext_password, char *masterkey); 
 
 #endif // CHROME_LINUX_H

includes/explorer.h

@@ -6,6 +6,11 @@
 #ifndef EXPLORER_H
 #define EXPLORER_H
 
+#define URL_MAX_SIZE 150
+#define MAX_HASH_SIZE 1024
+#define MAX_URL_HISTORY 50
+#define CIPHER_SIZE_MAX 5000
+
 typedef HANDLE HVAULT;
 
 enum VAULT_ELEMENT_TYPE {
@@ -77,8 +82,6 @@ typedef struct _VAULT_ITEM_7 {
 	PVAULT_ITEM_DATA Properties;
 } VAULT_ITEM_7, *PVAULT_ITEM_7;
 
-
-
 typedef DWORD(WINAPI *VaultEnumerateVaults_t)(DWORD flags, PDWORD count, GUID **guids);
 typedef DWORD(WINAPI *VaultEnumerateItems_t)(HVAULT handle, DWORD flags, PDWORD count, PVOID *items);
 typedef DWORD(WINAPI *VaultOpenVault_t)(GUID *id, DWORD flags, HVAULT *handle);
@@ -87,10 +90,22 @@ typedef DWORD(WINAPI *VaultFree_t)(PVOID mem);
 //typedef unsigned int (__stdcall *VaultGetItem_t)(void *VaultHandle, GUID *pSchemaId, vault_entry_s *pResource, vault_entry_s *pIdentity, vault_entry_s *pPackageSid, HWND *hwndOwner, unsigned int dwFlags, vault_cred_s **ppItem);
 typedef DWORD(WINAPI * VaultGetItem_t) (HANDLE vault, LPGUID SchemaId, PVAULT_ITEM_DATA Resource, PVAULT_ITEM_DATA Identity, PVAULT_ITEM_DATA PackageSid, HWND hWnd, DWORD Flags, PVAULT_ITEM * pItem);
 
+typedef struct {
+	wchar_t utf_url[URL_MAX_SIZE];
+	char url[URL_MAX_SIZE];
+} IEUrl;
 
 int load_ie_vault_libs();
-int get_ie_vault_creds(char *output_file);
-int dump_explorer(int verbose, char *output_file);
+int get_ie_vault_creds(const char *output_file);
+int dump_explorer(int verbose, const char *output_file);
+int dpapi_decrypt_entropy(char *cipher_data, int len_cipher_data, wchar_t *entropy_password, int len_entropy_password, char **plaintext_data);
+int get_registry_history(IEUrl *urls, int *n_urls, int nHowMany);
+void get_url_hash(wchar_t *wstrURL, char *strHash, int dwSize); 
+int get_ie_history();
+void add_known_websites(IEUrl *urls, int *n_urls);
+int get_ie_registry_creds(const char *output_file);
+int print_decrypted_data(char *decrypted_data, char *url, const char *output_file);
+
 
 
 #endif // EXPLORER_H

includes/firefox.h

@@ -1,12 +1,12 @@
 #ifndef FIREFOX_H
 #define FIREFOX_H
 
-int dump_firefox(int verbose, char *output_file, char *master_password);
-int get_firefox_creds(char *profile_path, char *logins_path, char *output_file, char *master_password); 
+int dump_firefox(int verbose, const char *output_file, const char *master_password);
+int get_firefox_creds(char *profile_path, char *logins_path, const char *output_file, const char *master_password); 
 int get_profile(char* profiles_ini_path, char* profile);
 int load_firefox_paths(char *firefox_path, char *profiles_ini_path);
 int decrypt_firefox_cipher(char *ciphered, char **plaintext);
-int nss_authenticate(char *profile_path, void *key_slot, char *master_password);
+int nss_authenticate(char *profile_path, void *key_slot, const char *master_password);
 void free_pk11_nss(void *key_slot);
 
 #endif // FIREFOX_H

includes/main.h

@@ -1,9 +1,9 @@
 #ifndef MAIN_H
 #define MAIN_H
 
-#define MAX_PATH 300
+#define MAX_PATH_SIZE 300
 
 // TODO: Temporary maybe create specific.h
-int dump_specific(int verbose, char *output_file);
+int dump_specific(int verbose, const char *output_file);
 
 #endif // MAIN_H

src/chrome.c

@@ -61,7 +61,7 @@ int fetch_sqlite_data(char **website, char **username, char **cipher_password, i
  *
  * @return 1 on success, -1 on failure
  */
-int get_chrome_creds(char *login_data_path, char *output) {
+int get_chrome_creds(char *login_data_path, const char *output) {
 	sqlite3 *db;
 	sqlite3_stmt *stmt;
 	if(prepare_sqlite_statement(login_data_path, &db, &stmt) == -1) {
@@ -129,21 +129,22 @@ int get_chrome_creds(char *login_data_path, char *output) {
 	return 1;
 }
 
-int dump_chrome(int verbose, char *output_file) {
+int dump_chrome(int verbose, const char *output_file) {
+	puts("[*] Starting Chrome dump...");
 	int result = 0;
-	char chrome_path[MAX_PATH];
-	char chrome_login_data_path[MAX_PATH];
-	char chromium_path[MAX_PATH];
-	char chromium_login_data_path[MAX_PATH];
-	//char brave_path[MAX_PATH];
-	//char brave_login_data_path[MAX_PATH];
+	char chrome_path[MAX_PATH_SIZE];
+	char chrome_login_data_path[MAX_PATH_SIZE];
+	char chromium_path[MAX_PATH_SIZE];
+	char chromium_login_data_path[MAX_PATH_SIZE];
+	//char brave_path[MAX_PATH_SIZE];
+	//char brave_login_data_path[MAX_PATH_SIZE];
 
 	// TODO: Add brave support
 
 	load_chrome_paths(chrome_path, chrome_login_data_path, chromium_path, chromium_login_data_path);
 
 	// TODO: S_OK / F_OK ?
-	if(access(chrome_login_data_path,0) != -1  ) {
+	if(access(chrome_login_data_path,0) != -1) {
 		printf("[*] Starting Chrome credentials dump...\n\n");
 		result = get_chrome_creds(chrome_login_data_path, output_file);
 	}

src/firefox.c

@@ -11,7 +11,7 @@
 // TODO:
 // - Choose the profile we want and not the default one (Profile0)
 
-int get_firefox_creds(char *profile_path, char *logins_path, char *output_file, char *master_password) {
+int get_firefox_creds(char *profile_path, char *logins_path, const char *output_file, const char *master_password) {
 	void* key_slot = NULL; 
 	if((nss_authenticate(profile_path, key_slot, master_password)) == -1) {
 		fprintf(stderr, "nss_authenticate failure()\n");
@@ -84,13 +84,14 @@ int get_firefox_creds(char *profile_path, char *logins_path, char *output_file,
 	return 1;
 }
 
-int dump_firefox(int verbose, char *output_file, char *master_password) {
+int dump_firefox(int verbose, const char *output_file, const char *master_password) {
+	puts("[*] Starting Firefox dump...");
 	int result = 0;
-	char firefox_path[MAX_PATH];
-	char profiles_ini_path[MAX_PATH];
-	char profile[MAX_PATH];
-	char profile_path[MAX_PATH];
-	char logins_path[MAX_PATH];
+	char firefox_path[MAX_PATH_SIZE];
+	char profiles_ini_path[MAX_PATH_SIZE];
+	char profile[MAX_PATH_SIZE];
+	char profile_path[MAX_PATH_SIZE];
+	char logins_path[MAX_PATH_SIZE];
 
 	load_firefox_paths(firefox_path, profiles_ini_path);
 
@@ -99,8 +100,8 @@ int dump_firefox(int verbose, char *output_file, char *master_password) {
 		return -1;
 	}
 
-	snprintf(profile_path, MAX_PATH, "%s%s%s", firefox_path, "/", profile);
-	snprintf(logins_path, MAX_PATH, "%s/logins.json", profile_path);
+	snprintf(profile_path, MAX_PATH_SIZE, "%s%s%s", firefox_path, "/", profile);
+	snprintf(logins_path, MAX_PATH_SIZE, "%s/logins.json", profile_path);
 
 	// TODO: S_OK / F_OK
 	if(access(logins_path, 0) != -1) {

src/linux/chrome.c

@@ -75,7 +75,7 @@ int get_gnome_masterkey(char *login_data_path, char **masterkey) {
  * 
  * @return 1 on success, -1 on failure
  */
-int aes_decrypt(EVP_CIPHER_CTX *ctx, char *cipher_password, int len_cipher_password, char **plaintext_password, char *iv, char *output_key) {
+int aes_decrypt(EVP_CIPHER_CTX *ctx, char *cipher_password, int len_cipher_password, char **plaintext_password, char *iv, unsigned char *output_key) {
 	int len;
 	int plaintext_len;
 
@@ -137,7 +137,7 @@ int get_masterkey(char *login_data_path, char **masterkey) {
 int decrypt_gnome_cipher(char *cipher_password, int len_cipher_password, char **plaintext_password, char *masterkey) {
 	// TODO: No need to recalculate the key every time. 
 	// 2 - We get the PBKDF2 key 
-	char output_key[KEY_LENGTH];
+	unsigned char output_key[KEY_LENGTH];
 	char *salt = "saltysalt";
 	if(PKCS5_PBKDF2_HMAC(masterkey, strlen(masterkey), salt, strlen(salt), 1, EVP_sha1(), KEY_LENGTH, output_key) == 0) {
 		fprintf(stderr, "PKCS5_PBKDF2_HMAC() failure\n");
@@ -170,11 +170,11 @@ int decrypt_chrome_cipher(char *cipher_password, int len_cipher_password, char *
 
 int load_chrome_paths(char *chrome_path, char *chrome_login_data_path, char *chromium_path, char *chromium_login_data_path) {
 	char *home = getenv("HOME");
-	snprintf(chrome_path, MAX_PATH, "%s/.config/google-chrome/Default", home);
-	snprintf(chrome_login_data_path, MAX_PATH, "%s/Login Data", chrome_path);
-	snprintf(chromium_path, MAX_PATH, "%s/.config/chromium/Default", home);
-	snprintf(chromium_login_data_path, MAX_PATH, "%s/Login Data", chromium_path);
-	//snprintf(brave_path, MAX_PATH, "%s/.config/BraveSoftware/Brave-Browser/Default", home);
+	snprintf(chrome_path, MAX_PATH_SIZE, "%s/.config/google-chrome/Default", home);
+	snprintf(chrome_login_data_path, MAX_PATH_SIZE, "%s/Login Data", chrome_path);
+	snprintf(chromium_path, MAX_PATH_SIZE, "%s/.config/chromium/Default", home);
+	snprintf(chromium_login_data_path, MAX_PATH_SIZE, "%s/Login Data", chromium_path);
+	//snprintf(brave_path, MAX_PATH_SIZE, "%s/.config/BraveSoftware/Brave-Browser/Default", home);
 	//snprintf(brave_login_data_path, "%s/Login Data", brave_path);
 
 	return 1;

src/linux/firefox.c

@@ -37,8 +37,8 @@ int get_profile(char* profiles_ini_path, char* profile) {
 
 int load_firefox_paths(char *firefox_path, char *profiles_ini_path) {
 	char *home = getenv("HOME");
-	snprintf(firefox_path, MAX_PATH, "%s/.mozilla/firefox", home);
-	snprintf(profiles_ini_path, MAX_PATH, "%s/profiles.ini", firefox_path);
+	snprintf(firefox_path, MAX_PATH_SIZE, "%s/.mozilla/firefox", home);
+	snprintf(profiles_ini_path, MAX_PATH_SIZE, "%s/profiles.ini", firefox_path);
 
 	return 1;
 }
@@ -67,7 +67,7 @@ int decrypt_firefox_cipher(char *ciphered, char **plaintext) {
 	return 1;
 }
 
-int nss_authenticate(char *profile_path, void *key_slot, char *master_password) {
+int nss_authenticate(char *profile_path, void *key_slot, const char *master_password) {
 	if(NSS_Init(profile_path) != SECSuccess) {
 		fprintf(stderr, "NSS Initialisation failed\n");
 		fflush(stderr);

src/linux/specific.c

@@ -3,7 +3,7 @@
 
 #include "main.h"
 
-int dump_specific(int verbose, char *output_file) {
+int dump_specific(int verbose, const char *output_file) {
 	puts("[*] Starting OS Specific dump...");
 	puts("[-] Linux does not have any OS Specific browsers");
 

src/main.c

@@ -26,7 +26,6 @@ int main(int argc, char** argv) {
 		end      = arg_end(20),	
 	};
 
-	int exitcode = 0;
 	char *progname = "Silent_Pass";
 	char *progversion = "0.1";
 	char *progdate = "2019";

src/utilities/json.c

@@ -18,6 +18,7 @@ int parse_json(char *path, char **json) {
 	if(*json == 0) {
 		fprintf(stderr, "malloc() failure\n");
 		free(*json);
+		fclose(f);
 		return -1;
 	}
 	fread(*json, 1, fsize, f);

src/win32/chrome.c

@@ -124,8 +124,8 @@ int aead_decrypt(char *cipher_password, int len_cipher_password, char *key, char
 
 int get_json_base64_key(char **b64_key) {
 	char *home = getenv("LOCALAPPDATA");
-	char local_state_path[MAX_PATH];
-	snprintf(local_state_path, MAX_PATH, "%s\\Chromium\\User Data\\Local State", home);
+	char local_state_path[MAX_PATH_SIZE];
+	snprintf(local_state_path, MAX_PATH_SIZE, "%s\\Chromium\\User Data\\Local State", home);
 
 	char *json;
 	if(parse_json(local_state_path, &json) == -1) {
@@ -264,11 +264,11 @@ int get_masterkey(char *login_data_path, char **masterkey) {
 
 int load_chrome_paths(char *chrome_path, char *chrome_login_data_path, char *chromium_path, char *chromium_login_data_path) {
 	char *home = getenv("LOCALAPPDATA");
-	snprintf(chrome_path, MAX_PATH, "%s\\Google\\Chrome\\User Data\\Default", home);
-	snprintf(chrome_login_data_path, MAX_PATH, "%s\\Login Data", chrome_path);
-	snprintf(chromium_path, MAX_PATH, "%s\\Chromium\\User Data\\Default", home);
-	snprintf(chromium_login_data_path, MAX_PATH, "%s\\Login Data", chromium_path);
-	//snprintf(brave_path, MAX_PATH, "%s/.config/BraveSoftware/Brave-Browser/Default", home);
+	snprintf(chrome_path, MAX_PATH_SIZE, "%s\\Google\\Chrome\\User Data\\Default", home);
+	snprintf(chrome_login_data_path, MAX_PATH_SIZE, "%s\\Login Data", chrome_path);
+	snprintf(chromium_path, MAX_PATH_SIZE, "%s\\Chromium\\User Data\\Default", home);
+	snprintf(chromium_login_data_path, MAX_PATH_SIZE, "%s\\Login Data", chromium_path);
+	//snprintf(brave_path, MAX_PATH_SIZE, "%s/.config/BraveSoftware/Brave-Browser/Default", home);
 	//snprintf(brave_login_data_path, "%s/Login Data", brave_path);
 
 	return 1;