Skip to content
/ search-encrypted-data Public

How to search encrypted data from .log file crypto wallets extension.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SimonBolivarPy/search-encrypted-data

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
task.py
task.py
 
 

Repository files navigation

Search-crypto-data

  • Function using regular expresion for search encrypto data from log file extension wallets , metamask, ronin, trustwallet etc.

Example code:

import re
import json

def search_cydata(path):
    with open(path, "r", encoding="utf-8", errors='ignore') as f: file = f.read()
    regex = [
        r'{\\\"data\\\":\\\"(.+?)\\\",\\\"iv\\\":\\\"(.+?)\\\",\\\"salt\\\":\\\"(.+?)\\\"}',
        r'{\\\"encrypted\\\":\\\"(.+?)\\\",\\\"nonce\\\":\\\"(.+?)\\\",\\\"kdf\\\":\\\"pbkdf2\\\",\\\"salt\\\":\\\"(.+?)\\\",\\\"iterations\\\":10000,\\\"digest\\\":\\\"sha256\\\"}', 
        r'{\\\"ct\\\":\\\"(.+?)\\\",\\\"iv\\\":\\\"(.+?)\\\",\\\"s\\\":\\\"(.+?)\\\"}',
        r'{\\\"data\\\":\\\"(.+?)\\\",\\\"iv\\\":\\\"(.+?)\\\",\\\"keyMetadata\\\":{\\\"algorithm\\\":\\\"PBKDF2\\\",\\\"params\\\":{\\\"iterations\\\":(.+?)}},\\\"salt\\\":\\\"(.+?)\\\"}']
    output = []
    
    for i, r in enumerate(regex):
        matches = re.findall(r, file, re.MULTILINE)
        if matches:
            for match in matches:
                iterations = 10000
                data = match[0]
                iv = match[1]
                salt = match[2]
                if len(match[2]) < 7:
                    iterations = int(match[2])
                    salt = match[3]
                vault = {"data": data, "iv": iv, "salt": salt, "iterations": iterations, "type": i}
                output.append(vault)

    if output:
        # Удаление дубликатов
        unique_data = list({json.dumps(obj, sort_keys=True) for obj in output})
        
        # Обратно в словари
        unique_data = [json.loads(item) for item in unique_data]
        return {"status":True, "output": unique_data}
    else:
        return {"status":False, "output": []}


metamask = r"C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\018124.log"
atomic = r"C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gjnckgkfmgmibbkoficdidcljeaaaheg\000005.ldb"
ronin = r"C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\000003.log"
rabby = r"C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch\000003.log"
trustw = r"C:\Users\root\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph\000051.log"


print(search_cydata(metamask))

###End

About

How to search encrypted data from .log file crypto wallets extension.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages