diff --git a/btcrecover/btcrpass.py b/btcrecover/btcrpass.py index 7a6f7e56..cc5d3bdd 100644 --- a/btcrecover/btcrpass.py +++ b/btcrecover/btcrpass.py @@ -3053,7 +3053,7 @@ def load_from_filename(cls, wallet_filename): # For LDB files and Ronin wallet log files if b"vault" in record.key or b"encryptedVault" in record.key: data = record.value.decode("utf-8", "ignore").replace("\\", "") - if "salt" in data: + if "\"salt\"" in data: if data in walletdata_list: continue @@ -3061,19 +3061,24 @@ def load_from_filename(cls, wallet_filename): if b"data" in record.key: data = record.value.decode("utf-8", "ignore").replace("\\", "") - if "salt" in data: - walletStartText = "vault" + if "\"salt\"" in data: + walletStartText = "\"vault\"" wallet_data_start = data.lower().find(walletStartText) wallet_data_trimmed = data[wallet_data_start:] - wallet_data_start = wallet_data_trimmed.find("data") - wallet_data_trimmed = wallet_data_trimmed[wallet_data_start - 2:] + wallet_data_start = wallet_data_trimmed.find("\"data\"") + wallet_data_trimmed = wallet_data_trimmed[wallet_data_start - 1:] - wallet_data_end = wallet_data_trimmed.find("}") + wallet_data_end = wallet_data_trimmed.find("}\"}") wallet_data = wallet_data_trimmed[:wallet_data_end + 1] + if wallet_data in walletdata_list: + continue + + walletdata_list.append(wallet_data) + except ValueError: tryLoadJSONFile = True @@ -3111,6 +3116,13 @@ def load_from_filename(cls, wallet_filename): self.encrypted_block = base64.b64decode(wallet_json["cipher"])[:16] self.iv = binascii.unhexlify(wallet_json["iv"]) self._mobileWallet = True + elif "keyMetadata" in wallet_data: + hash_iterations = wallet_json["keyMetadata"]["params"]["iterations"] + self = cls(hash_iterations, loading=True) + self.salt = base64.b64decode(wallet_json["salt"]) + self.encrypted_vault = base64.b64decode(wallet_json["data"]) + self.encrypted_block = base64.b64decode(wallet_json["data"])[:16] + self.iv = base64.b64decode(wallet_json["iv"]) else: self = cls(10000, loading=True) self.salt = base64.b64decode(wallet_json["salt"]) @@ -3139,7 +3151,7 @@ def load_from_data_extract(cls, file_data): def difficulty_info(self): if not self._mobileWallet: - return "10,000 PBKDF2-SHA256 iterations" + return str(self._iter_count) + " PBKDF2-SHA256 iterations" else: return "5,000 PBKDF2-SHA512 iterations" diff --git a/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/000005.ldb b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/000005.ldb new file mode 100644 index 00000000..bdd3f29d Binary files /dev/null and b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/000005.ldb differ diff --git a/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/000014.log b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/000014.log new file mode 100644 index 00000000..54d1aca2 Binary files /dev/null and b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/000014.log differ diff --git a/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/000016.ldb b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/000016.ldb new file mode 100644 index 00000000..ebb0edf5 Binary files /dev/null and b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/000016.ldb differ diff --git a/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/CURRENT b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/CURRENT new file mode 100644 index 00000000..7ed683d1 --- /dev/null +++ b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/CURRENT @@ -0,0 +1 @@ +MANIFEST-000001 diff --git a/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/LOCK b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/LOCK new file mode 100644 index 00000000..e69de29b diff --git a/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/LOG b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/LOG new file mode 100644 index 00000000..3418c0f4 --- /dev/null +++ b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/LOG @@ -0,0 +1,29 @@ +2024/03/18-06:48:42.105 170 Creating DB C:\Users\crypto\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn since it was missing. +2024/03/18-06:48:42.109 170 Reusing MANIFEST C:\Users\crypto\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn/MANIFEST-000001 +2024/03/18-06:52:44.112 b0 Level-0 table #5: started +2024/03/18-06:52:44.130 b0 Level-0 table #5: 2523551 bytes OK +2024/03/18-06:52:44.132 b0 Delete type=0 #3 +2024/03/18-06:52:52.047 b0 Level-0 table #7: started +2024/03/18-06:52:52.064 b0 Level-0 table #7: 2524042 bytes OK +2024/03/18-06:52:52.065 b0 Delete type=0 #4 +2024/03/18-06:53:04.453 b0 Level-0 table #9: started +2024/03/18-06:53:04.472 b0 Level-0 table #9: 2526103 bytes OK +2024/03/18-06:53:04.474 b0 Delete type=0 #6 +2024/03/18-06:53:09.554 b0 Level-0 table #11: started +2024/03/18-06:53:09.573 b0 Level-0 table #11: 2527469 bytes OK +2024/03/18-06:53:09.575 b0 Delete type=0 #8 +2024/03/18-06:53:50.523 b0 Level-0 table #13: started +2024/03/18-06:53:50.543 b0 Level-0 table #13: 2526942 bytes OK +2024/03/18-06:53:50.545 b0 Delete type=0 #10 +2024/03/18-06:53:59.945 b0 Level-0 table #15: started +2024/03/18-06:53:59.961 b0 Level-0 table #15: 2527193 bytes OK +2024/03/18-06:53:59.963 b0 Delete type=0 #12 +2024/03/18-06:53:59.963 b0 Compacting 4@0 + 1@1 files +2024/03/18-06:54:00.003 b0 Generated table #16@0: 1 keys, 1263638 bytes +2024/03/18-06:54:00.003 b0 Compacted 4@0 + 1@1 files => 1263638 bytes +2024/03/18-06:54:00.004 b0 compacted to: files[ 0 1 1 0 0 0 0 ] +2024/03/18-06:54:00.004 b0 Delete type=2 #7 +2024/03/18-06:54:00.004 b0 Delete type=2 #9 +2024/03/18-06:54:00.004 b0 Delete type=2 #11 +2024/03/18-06:54:00.004 b0 Delete type=2 #13 +2024/03/18-06:54:00.004 b0 Delete type=2 #15 diff --git a/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/MANIFEST-000001 b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/MANIFEST-000001 new file mode 100644 index 00000000..f32afeaf Binary files /dev/null and b/btcrecover/test/test-wallets/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1/MANIFEST-000001 differ diff --git a/btcrecover/test/test-wallets/metamask_vault_v11_12_1.txt b/btcrecover/test/test-wallets/metamask_vault_v11_12_1.txt new file mode 100644 index 00000000..8f6feb08 --- /dev/null +++ b/btcrecover/test/test-wallets/metamask_vault_v11_12_1.txt @@ -0,0 +1 @@ +{"data":"Kxj05Qf3witT0tIBopkUcO9nzzgUunEjIC7NUGUI0mqYVI94lOnBb2uDJhRNgXyog7KYG7/e7ZU9/xg6bVmucpvstEGgWfa2jM0vdGKhh8e9QsxOnAAt9fMXpqhXO8Bo+GUWtX2ykmfqATp1bgpstTzVGZUK+fFn9vpgstCLcLDJlOheR61V7ZkZYsTzhdida/hGan3Dgc0jNDeQDCbf4sd84fFSJiszNQxcvM7tJmy6ARN8zsuxsMGIjySe3UlYxX7anec7rUnG8uduuDs9E1FuP6nYMpWmk4g6KJzVC2dtK7+VKkDs8DJkxdMKhob0Tt5HWWzRYs97uz9c+xPlkQmq10PD/DZqWRvjmQLTwr3es/BIsywCcU8D6646xz4nhu9x1STWeKFep325YXHK+MAHlPX87eWtDb/PGFYe2s+ku7rp6Gh4tRysq7TwRb1VTqlZ85VpCP0aLStHLs8vgtvZ2Au9NztWesaq8cjgXSkGgOxAFMsT4xOHsVI1bB6Suu9fmBKzi0lw3mr4JswSJMb7EBEDeDeXRN5PG88OZm/QGiO6XV+b2TXvA3LzcuAAg5EZd04NhUujuudxRTG1ql2jPUSsqTFUXlBUMZf6TkJfAkp+kcGSbaKfSrd59wzmR/6bPIvepyX68vamKOZ7XAmOsc6C85i6AluH+dpObHMC0lAV4Mv0vlkLMGO9OBPeAUlAAYtoWiVohv7erHLvzKabC8MVSvPDJxZzDrOaojU39aP5RexIM07dYp2PXlWM8/LZkz+GZfGWxw8UcIeq/1vbu+L+SsY=","iv":"IbxXQknyfC6AW3yDKX8kKw==","keyMetadata":{"algorithm":"PBKDF2","params":{"iterations":600000}},"salt":"QU1D7Egd9J+2E+CyPFiZ7Rl8BVAsTX1jESAV2/J4/+A="} \ No newline at end of file diff --git a/btcrecover/test/test_passwords.py b/btcrecover/test/test_passwords.py index 3229f2fa..5c508a29 100644 --- a/btcrecover/test/test_passwords.py +++ b/btcrecover/test/test_passwords.py @@ -1403,6 +1403,14 @@ def test_metamask_leveldb_chrome_cpu(self): def test_metamask_v10_11_3_leveldb_chrome_cpu(self): self.wallet_tester("metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v10_11_3") + @skipUnless(can_load_leveldb, "Unable to load LevelDB module, requires Python 3.8+") + def test_metamask_v11_12_1_leveldb_chrome_cpu(self): + self.wallet_tester("metamask/nkbihfbeogaeaoehlefnkodbefgpgknn-v11_12_1") + + @skipUnless(can_load_leveldb, "Unable to load LevelDB module, requires Python 3.8+") + def test_metamask_v11_12_1_json_chrome_cpu(self): + self.wallet_tester("metamask_vault_v11_12_1.txt") + def test_metamask_JSON_firefox_cpu(self): self.wallet_tester("metamask.9.8.4_firefox_vault") diff --git a/extract-scripts/extract-metamask-vaults.py b/extract-scripts/extract-metamask-vaults.py index 9f6bfbee..7ffa4f27 100644 --- a/extract-scripts/extract-metamask-vaults.py +++ b/extract-scripts/extract-metamask-vaults.py @@ -38,9 +38,9 @@ for record in leveldb_records.iterate_records_raw(): #print(record) #For LDB files and Ronin wallet log files - if b"vault" in record.key or b"encryptedVault" in record.key: + if b"\"vault" in record.key or b"encryptedVault" in record.key: data = record.value.decode("utf-8", "ignore").replace("\\", "") - if "salt" in data: + if "\"salt\"" in data: if data in walletdata_list: continue @@ -49,17 +49,17 @@ if b"data" in record.key: data = record.value.decode("utf-8", "ignore").replace("\\", "") - if "salt" in data: - walletStartText = "vault" + if "\"salt\"" in data: + walletStartText = "\"vault\"" wallet_data_start = data.lower().find(walletStartText) wallet_data_trimmed = data[wallet_data_start:] - wallet_data_start = wallet_data_trimmed.find("data") - wallet_data_trimmed = wallet_data_trimmed[wallet_data_start - 2:] + wallet_data_start = wallet_data_trimmed.find("\"data\"") + wallet_data_trimmed = wallet_data_trimmed[wallet_data_start - 1:] - wallet_data_end = wallet_data_trimmed.find("}") + wallet_data_end = wallet_data_trimmed.find("}\"}") wallet_data = wallet_data_trimmed[:wallet_data_end + 1] if wallet_data in walletdata_list: