我想从我的桌面运行一个JavaScript脚本,可以从提供的谷歌浏览器.localstorage文件中获取信息,我很好奇如何执行此操作。 我知道有localstorage,但这是在浏览器内。 我希望能够指定'\ .config \ google-chrome \ Default \ Local Storage \ Default \ http_asite.com_0.localstorage',然后返回里面的k,v对。 我知道它对某些容量是可读的,因为您可以使用像DB Browser这样的工具来执行此操作。
I'm wanting to run a Javascript script from my desktop that can pull info from a provided google chrome .localstorage file and I was curious how to do this. I know there is localstorage but that's for within the browser. I want to be able to specify say '\.config\google-chrome\Default\Local Storage\Default\http_asite.com_0.localstorage' where it then returns the k,v pairs inside. I know it is readable to some capacity since you can use tools like DB Browser to do this.
最满意答案
SOOOO,如果有其他人想要这样做,我写了这项工作正在进行中。 它是UAF,但将所有k,v对连接成单个字符串,然后解析出来。 由于没有一个真正好的格式来与sqlite3进行接口,所以表格不容易找到,并且值被存储为blob,它只是一个PITA。 索引用于包含通常会被删除的字符(如果需要,可以添加更多字符)。 注意:这是一个mac目录,ubuntu和Window用户需要对此进行解释。
function get_storage() { var arrayBuffer; var file_path = '/Users/you/Library/Application\ Support/Google/Chrome/Default/Local\ Storage/asite.com.localstorage'; fs = require('fs'); fs.readFile(file_path, 'utf8', function (err, data) { if (err) { return console.log(err); } else { data = data.toString(); // Weed out garbage data = data.replace(/[^\x00-\x7F]/g, "").replace(/\0/g, '').replace(/\3/g, '').replace('FAIL)', '').split(" "); var user_credentials = data[data.length - 1].split(""); var my_result = []; // Account for js keywords for (var i = 0; i < user_credentials.length; i++) { if (/\r|\n|\t|\b/.exec(user_credentials[i]) != null || user_credentials[i].indexOf("@") > -1 || user_credentials[i].indexOf("!") > -1 || user_credentials[i].indexOf(".") > -1) { my_result.push(user_credentials[i]); } } // final sweep because some will get missed my_result = my_result.join("").split("\n")[0].split("\r")[1]; // a site's local storage console.log(my_result) } }); } get_storage();SOOOO, if anyone else wants to do this I wrote this work in progress. It is UAF but concatenates all k,v pairs into a single string to then be parsed out. Since there isn't a really good format to interface with sqlite3, the tables aren't easy to find, and the values are stored as blob it is just a PITA to do. The index of is used to include characters that would typically be removed (so add more if needed). NOTE: This is a mac directory, ubuntu and Window users will need to account for this.
function get_storage() { var arrayBuffer; var file_path = '/Users/you/Library/Application\ Support/Google/Chrome/Default/Local\ Storage/asite.com.localstorage'; fs = require('fs'); fs.readFile(file_path, 'utf8', function (err, data) { if (err) { return console.log(err); } else { data = data.toString(); // Weed out garbage data = data.replace(/[^\x00-\x7F]/g, "").replace(/\0/g, '').replace(/\3/g, '').replace('FAIL)', '').split(" "); var user_credentials = data[data.length - 1].split(""); var my_result = []; // Account for js keywords for (var i = 0; i < user_credentials.length; i++) { if (/\r|\n|\t|\b/.exec(user_credentials[i]) != null || user_credentials[i].indexOf("@") > -1 || user_credentials[i].indexOf("!") > -1 || user_credentials[i].indexOf(".") > -1) { my_result.push(user_credentials[i]); } } // final sweep because some will get missed my_result = my_result.join("").split("\n")[0].split("\r")[1]; // a site's local storage console.log(my_result) } }); } get_storage();更多推荐
发布评论