void BruteCrack(const char *bruteCharSet, char *brutePasswd, const int index, int next )
{
int i;
if (index >= brutePosMaxCount) return;
for(i=0; i< bruteCharCount; i++ )
{
// Plain Brute Crack
if (strlen(brutePattern) == 0)
{
brutePasswd[index] = bruteCharSet[next%bruteCharCount];
brutePasswd[index+1] = 0;
next++;
if( index >= (brutePosMinCount-1) )
{
if(!isQuiet)
printf("%s\n", brutePasswd);
bruteCount++;
if( CheckMasterPassword(brutePasswd) )
{
time(&end);
int diff = difftime(end,start);
printf("\nPassword: \t\"%s\"\tElapsed Time: %d \tCracks/sec: %ld\n", brutePasswd, diff, bruteCount/diff);
exit(0);
}
}
}
// Patten Matching
else
{
if( brutePatternBitmap[index] == 1 )
brutePasswd[index] = brutePattern[index];
else{
brutePasswd[index] = bruteCharSet[next%bruteCharCount];
next++;
}
if( index == (brutePosMaxCount-1) )
{
brutePasswd[index+1] = 0;
if(!isQuiet)
printf("%s\n", brutePasswd);
bruteCount++;
if( CheckMasterPassword(brutePasswd) )
{
time(&end);
int diff = difftime(end,start);
printf("\nPassword: \t\"%s\"\tElapsed Time: %d \tCracks/sec: %ld\n", brutePasswd, diff, bruteCount/diff);
exit(0);
}
}
}
//printf("%i, %i, %s, %s\n",index, next, brutePattern, brutePasswd);
BruteCrack(bruteCharSet, brutePasswd,index+1, next);
if( brutePatternBitmap[index] == 1 )
break;
}
}
int InitializeNSSLibrary(char *profilePath, char *password)
{
IsNSSInitialized = 0;
// Initialize the NSS library
if( (*NSSInit) (profilePath) != SECSuccess )
{
//DisplayMesg(TYPE_ERROR, "\n\n Initialization failed , Make sure key3.db and cert8.db");
//DisplayMesg(TYPE_ERROR, "\n files are present in the specified directory\n");
TerminateFirefoxLibrary();
return 0;
}
IsNSSInitialized = 1;
if( (password != NULL) && (strlen(password) > 1023) )
{
//DisplayMesg(TYPE_ERROR, "\n\n Master Password length is more than the allowed size");
TerminateFirefoxLibrary();
return 0;
}
// Setup and check if master password is correct
if( (password == NULL) || strlen(password) <= 0)
masterPassword[0]=0;
else
strcpy(masterPassword, password);
if( CheckMasterPassword( masterPassword ) != 1)
{
TerminateFirefoxLibrary();
return 0;
}
//DisplayMesg(TYPE_DEBUG, "\n NSS library initiliazed successfully");
return 1;
}
static void crypt_all(int count)
{
int index = 0;
#ifdef _OPENMP
#pragma omp parallel for
for (index = 0; index < count; index++)
#endif
{
unsigned char data1[256];
unsigned char data2[512];
SECItem secPreHash;
secPreHash.data = data1;
memcpy(secPreHash.data + SHA1_LENGTH, salt_struct->saltItem.data, salt_struct->saltItem.len);
secPreHash.len = salt_struct->saltItem.len + SHA1_LENGTH;
SECItem pkcs5_pfxpbe;
pkcs5_pfxpbe.data = data2;
cracked[index] = CheckMasterPassword(saved_key[index],
&pkcs5_pfxpbe,
&secPreHash);
}
}
int FireMasterInit(char *dirProfile)
{
SECItem saltItem;
if( CrackKeyData(dirProfile, &keyCrackData) == false)
{
exit(0);
}
// Initialize the pkcs5 structure...
saltItem.type = (SECItemType) 0;
saltItem.len = keyCrackData.saltLen;
saltItem.data = keyCrackData.salt;
paramPKCS5 = nsspkcs5_NewParam(0, &saltItem, 1);
if( paramPKCS5 == NULL)
{
printf("\n Failed to initialize NSSPKCS5 structure");
exit(0);
}
// Current algorithm is
// SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC
// Setup the encrypted password-check string
memcpy(encString, keyCrackData.encData, keyCrackData.encDataLen );
if( CheckMasterPassword("") == true )
{
printf("\n Master password is not set ...exiting FireMaster \n\n");
exit(0);
}
// Calculate partial sha1 data for password hashing...
SHA1_Init(&pctx);
SHA1_Update(&pctx, keyCrackData.globalSalt, keyCrackData.globalSaltLen);
return true;
}
void HybridCrack(char *hybridPassword){
int i; // Iterator
int count = 1; // Total number of possible cracks
int n = strlen(hybridPassword); // Just what it looks like
int bin = 0; // For binary conversion
switch(hybridCrackMode)
{
// Shift Case
case 0:
while (count < pow(2, n) ){
shiftCase(&hybridPassword[n-1]);
for (i = 1; i < n; i++){
bin = (int)pow(2,i);
if (count % bin == 0)
shiftCase(&hybridPassword[n-i-1]);
}
if (!isQuiet)
printf("%s\n", hybridPassword);
if (CheckMasterPassword(hybridPassword)){
printf("Password:\t \"%s\"\n", hybridPassword);
exit(0);
}
count++;
}
break;
// Prefix
case 1:
// Set the brute pattern to ***[dictionaryPassword]
for (i = 0; i< extraChars; i++)
brutePattern[i] = '*';
for (i; i< strlen(hybridPassword)+extraChars; i++)
brutePattern[i] = hybridPassword[i-extraChars];
brutePosMaxCount = strlen(brutePattern);
for(i=0; i< brutePosMaxCount; i++)
{
if( brutePattern[i] == '*' )
brutePatternBitmap[i] = 0;
else
brutePatternBitmap[i] = 1;
}
brutePatternBitmap[i]=0;
BruteCrack(bruteCharSet, hybridPassword, 0, 0);
break;
// Append
case 2:
// Set the brute pattern to [dictionaryPassword]***
for (i = 0; i< strlen(hybridPassword); i++)
brutePattern[i] = hybridPassword[i];
for (i; i< strlen(hybridPassword)+extraChars; i++)
brutePattern[i] = '*';
brutePosMaxCount = strlen(brutePattern);
for(i=0; i< brutePosMaxCount; i++)
{
if( brutePattern[i] == '*' )
brutePatternBitmap[i] = 0;
else
brutePatternBitmap[i] = 1;
}
brutePatternBitmap[i]=0;
BruteCrack(bruteCharSet, hybridPassword, 0, 0);
break;
}
}
void DictCrack(char *dictFile)
{
FILE *f = NULL;
int index, fileOffset=0;
int i,j,readCount;
int isLastBlock;
f = fopen(dictFile, "rb");
if( !f )
{
printf("Error opening dictionary file \n");
return;
}
fileOffset = 0;
do
{
// read bulk data from file....
readCount = fread(fileBuffer, 1,fileBufferSize, f);
if( readCount == 0 )
break;
// If we have read less chars..then this is the last block...
if( readCount < fileBufferSize )
isLastBlock = 1;
else
isLastBlock = 0;
index = 0;
// check if the begining contains 10,13 chars..if so just skip them...
for(index=0; index < readCount && (fileBuffer[index]==13 || fileBuffer[index]==10) ; index++);
do
{
// Go through the file buffer..extracting each password....
dictPasswd[0]=0;
for(i=index,j=0; i < readCount && fileBuffer[i] != 10 ; i++,j++)
dictPasswd[j]=fileBuffer[i];
dictPasswd[j]=0;
// check if reading finished before '13' i.e we hit the wall
if( i >= readCount && !( isLastBlock && dictPasswd[0]!=0) )
{
if(fileBuffer[i] != 10 )
{
fileOffset += index;
fseek(f, index-readCount,SEEK_CUR); // negative makes it to move backward
}
else
{
fileOffset +=readCount;
}
break;
}
index += strlen(dictPasswd) + 1;
if (!isQuiet)
printf("%s\n", dictPasswd);
if( CheckMasterPassword(dictPasswd) )
{
printf("Password:\t \"%s\"\n", dictPasswd);
fclose(f);
exit(0);
}
if (isHybrid)
HybridCrack(dictPasswd);
}
while(1);
}
while(1);
fclose(f);
}
static void process_path(char *path)
{
int i;
struct stat sb;
if(stat(path, &sb) == 0) {
if(S_ISDIR(sb.st_mode)) {
fprintf (stderr, "%s : is a directory, expecting key3.db file!\n", path);
return;
}
}
if(CrackKeyData(path, &keyCrackData) == false) {
return;
}
// initialize the pkcs5 structure
saltItem.type = (SECItemType) 0;
saltItem.len = keyCrackData.saltLen;
assert(keyCrackData.saltLen < 32);
assert(keyCrackData.oidLen < 32);
saltItem.data = keyCrackData.salt;
struct NSSPKCS5PBEParameter gpbe_param;
unsigned char salt_data[4096];
paramPKCS5 = nsspkcs5_NewParam(0, &saltItem, 1, &gpbe_param, salt_data);
if(paramPKCS5 == NULL) {
fprintf(stderr, "Failed to initialize NSSPKCS5 structure\n");
return;
}
// Current algorithm is
// SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC
// Setup the encrypted password-check string
memcpy(encString, keyCrackData.encData, keyCrackData.encDataLen);
// Calculate partial sha1 data for password hashing
SHA1_Init(&pctx);
SHA1_Update(&pctx, keyCrackData.globalSalt, keyCrackData.globalSaltLen);
unsigned char data1[256];
unsigned char data2[512];
SECItem secPreHash;
secPreHash.data = data1;
memcpy(secPreHash.data + SHA1_LENGTH, saltItem.data, saltItem.len);
secPreHash.len = saltItem.len + SHA1_LENGTH;
SECItem pkcs5_pfxpbe;
pkcs5_pfxpbe.data = data2;
if(CheckMasterPassword("", &pkcs5_pfxpbe, &secPreHash)) {
fprintf (stderr, "%s : no Master Password set!\n", path);
return;
}
printf("%s:$mozilla$*%d*%d*%d*",path, keyCrackData.version, keyCrackData.saltLen, keyCrackData.nnLen);
for (i = 0; i < keyCrackData.saltLen; i++)
printf("%c%c", itoa16[ARCH_INDEX(keyCrackData.salt[i] >> 4)],
itoa16[ARCH_INDEX(keyCrackData.salt[i] & 0x0f)]);
printf("*%d*", keyCrackData.oidLen);
for (i = 0; i < keyCrackData.oidLen; i++)
printf("%c%c", itoa16[ARCH_INDEX(keyCrackData.oidData[i] >> 4)],
itoa16[ARCH_INDEX(keyCrackData.oidData[i] & 0x0f)]);
printf("*%d*", keyCrackData.encDataLen);
for (i = 0; i < keyCrackData.encDataLen; i++)
printf("%c%c", itoa16[ARCH_INDEX(keyCrackData.encData[i] >> 4)],
itoa16[ARCH_INDEX(keyCrackData.encData[i] & 0x0f)]);
printf("*%d*", keyCrackData.globalSaltLen);
for (i = 0; i < keyCrackData.globalSaltLen; i++)
printf("%c%c", itoa16[ARCH_INDEX(keyCrackData.globalSalt[i] >> 4)],
itoa16[ARCH_INDEX(keyCrackData.globalSalt[i] & 0x0f)]);
printf("\n");
}
