I want to write a simple utility that extracts passwords from a Firefox password database (the corresponding file is called signons.sqlite in the profile folder).
What I have done so far: an open database using sqlite, an extracted encrypted username, an encrypted password, and a website address (all stored as std::string ).
So, all that remains is to decrypt the username and password strings.
I tried the following ( PK11Decrypt should store the plaintext password in plaintext ):
void Firefox_Importer::PK11Decrypt(string _cipheredBuffer, char **plaintext) { // declarations needed SECItem * request; SECItem * reply; unsigned int len = (unsigned int)_cipheredBuffer.length(); const char* cipheredBuffer = (const char*)_cipheredBuffer.c_str(); // generate request and reply SECItem; seems to work properly reply = SECITEM_AllocItem(NULL, NULL, 0); if (reply == NULL) cout << "Error allocating SECITEM." << endl; request = NSSBase64_DecodeBuffer(NULL, NULL, cipheredBuffer, len); if (request == NULL) cout << "Error decoding buffer." << endl; // the following is not working SECStatus tmp = PK11SDR_Decrypt(request, reply, NULL); if(tmp != SECSuccess) cout << "Something went wrong during decrypting" << endl; *plaintext = (char*)malloc(reply->len + 1); strncpy(*plaintext, (const char*)reply->data, reply->len); (*plaintext)[reply->len] = '\0'; SECITEM_FreeItem(request, true); SECITEM_FreeItem(reply, true); }
When PK11Decrypt is PK11Decrypt , it prints Something went wrong during decrypting , indicating that the PK11SDR_Decrypt call PK11SDR_Decrypt not work properly. It always returns SECFailure (which corresponds to -1).
Does anyone have any clues or know what I'm doing wrong?
source share