mirror of
https://github.com/hashcat/hashcat.git
synced 2024-12-27 08:58:10 +00:00
163 lines
4.8 KiB
Python
Executable File
163 lines
4.8 KiB
Python
Executable File
#!/usr/bin/env python
|
|
"""Utility to extract Bitwarden hash for hashcat from Google Chrome / Firefox / Desktop local data"""
|
|
|
|
#
|
|
# Based on bitwarden2john.py https://github.com/willstruggle/john/blob/master/bitwarden2john.py
|
|
#
|
|
# Various data locations are documented here: https://bitwarden.com/help/data-storage/#on-your-local-machine
|
|
#
|
|
# Author: https://github.com/Greexter
|
|
# License: MIT
|
|
#
|
|
|
|
import os
|
|
import argparse
|
|
import sys
|
|
import base64
|
|
import traceback
|
|
|
|
try:
|
|
import json
|
|
assert json
|
|
except ImportError:
|
|
try:
|
|
import simplejson as json
|
|
except ImportError:
|
|
print("Please install json module which is currently not installed.\n", file=sys.stderr)
|
|
sys.exit(-1)
|
|
|
|
|
|
def process_sqlite(path):
|
|
try:
|
|
import snappy
|
|
except ImportError:
|
|
print("Please install python-snappy module.\n", file=sys.stderr)
|
|
sys.exit(-1)
|
|
try:
|
|
import sqlite3
|
|
except ImportError:
|
|
print("Please install sqlite3 module.\n", file=sys.stderr)
|
|
sys.exit(-1)
|
|
|
|
conn = sqlite3.connect(path)
|
|
cur = conn.cursor()
|
|
data = cur.execute('SELECT * FROM object_data')
|
|
fetched = data.fetchall()
|
|
|
|
# uses undocumented nonstandard data format
|
|
# probably can break in the future
|
|
dataValue = snappy.decompress(fetched[0][4])
|
|
|
|
key_hash = dataValue.split(b"keyHash")[1][9:53].decode()
|
|
email = dataValue.split(b"email")[1][11:].split(b'\x00')[0].decode()
|
|
iterations = int.from_bytes(dataValue.split(b"kdfIterations")[1][3:7], byteorder="little")
|
|
|
|
return [(email, key_hash, iterations)]
|
|
|
|
|
|
def process_leveldb(path):
|
|
try:
|
|
import leveldb
|
|
except ImportError:
|
|
print("Please install the leveldb module for full functionality!\n", file=sys.stderr)
|
|
sys.exit(-1)
|
|
|
|
db = leveldb.LevelDB(path, create_if_missing=False)
|
|
|
|
try:
|
|
out = []
|
|
accIds = db.Get(b'authenticatedAccounts')
|
|
accIds = json.loads(accIds)
|
|
|
|
for id in accIds:
|
|
authAccData = db.Get(id.strip('"').encode())
|
|
out.append(extract_json_profile(json.loads(authAccData)))
|
|
|
|
return out
|
|
except(KeyError):
|
|
# support for older Bitwarden versions (before account switch implementation)
|
|
# data is stored in different format
|
|
print("Failed to extract data, trying old format.", file=sys.stderr)
|
|
email = db.Get(b'userEmail')\
|
|
.decode('utf-8')\
|
|
.strip('"')
|
|
key_hash = db.Get(b'keyHash')\
|
|
.decode("ascii").strip('"')
|
|
iterations = int(db.Get(b'kdfIterations').decode("ascii"))
|
|
|
|
return [(email, key_hash, iterations)]
|
|
|
|
|
|
def process_json(data):
|
|
data = json.loads(data)
|
|
|
|
try:
|
|
out = []
|
|
accIds = data["authenticatedAccounts"]
|
|
for id in accIds:
|
|
authAccData = data[id.strip('"')]
|
|
out.append(extract_json_profile(authAccData))
|
|
|
|
return out
|
|
except(KeyError):
|
|
print("Failed to extract data, trying old format.", file=sys.stderr)
|
|
email = data["rememberedEmail"]
|
|
hash = data["keyHash"]
|
|
iterations = data["kdfIterations"]
|
|
|
|
return [(email, hash, iterations)]
|
|
|
|
|
|
def extract_json_profile(data):
|
|
profile = data["profile"]
|
|
email = profile["email"]
|
|
iterations = profile["kdfIterations"]
|
|
hash = profile["keyHash"]
|
|
return email, hash, iterations
|
|
|
|
|
|
def process_file(filename, legacy = False):
|
|
try:
|
|
if os.path.isdir(filename):
|
|
# Chromium based
|
|
data = process_leveldb(filename)
|
|
elif filename.endswith(".sqlite"):
|
|
# Firefox
|
|
data = process_sqlite(filename)
|
|
elif filename.endswith(".json"):
|
|
# json - Desktop
|
|
with open(filename, "rb") as f:
|
|
data = f.read()
|
|
data = process_json(data)
|
|
else:
|
|
print("Unknown storage. Don't know how to extract data.", file=sys.stderr)
|
|
sys.exit(-1)
|
|
|
|
except (ValueError, KeyError):
|
|
traceback.print_exc()
|
|
print("Missing values, user is probably logged out.", file=sys.stderr)
|
|
return
|
|
except:
|
|
traceback.print_exc()
|
|
return
|
|
|
|
iterations2 = 1 if legacy else 2
|
|
for entry in data:
|
|
if len(entry) != 3:
|
|
print("[error] %s could not be parsed properly!\nUser is probably logged out." % filename, file=sys.stderr)
|
|
continue
|
|
|
|
print("$bitwarden$2*%d*%d*%s*%s" %
|
|
(entry[2], iterations2, base64.b64encode(entry[0].encode("ascii")).decode("ascii"), entry[1]))
|
|
|
|
|
|
if __name__ == "__main__":
|
|
parser = argparse.ArgumentParser()
|
|
parser.add_argument("paths", type=str, nargs="+")
|
|
parser.add_argument("--legacy", action="store_true", help="Used for older versions of Bitwarden (before static iteration count had been changed).")
|
|
|
|
args = parser.parse_args()
|
|
|
|
for p in args.paths:
|
|
process_file(p, args.legacy)
|