dissect.target.plugins.apps.browser.chromium¶
Module Contents¶
Classes¶
Mixin class with methods for Chromium-based browsers. |
|
Chromium browser plugin. |
Functions¶
struct chrome_pass { |
Attributes¶
- dissect.target.plugins.apps.browser.chromium.HAS_CRYPTO = True¶
- dissect.target.plugins.apps.browser.chromium.CHROMIUM_DOWNLOAD_RECORD_FIELDS = [('uri', 'tab_url'), ('uri', 'tab_referrer_url'), ('string', 'mime_type')]¶
- class dissect.target.plugins.apps.browser.chromium.ChromiumMixin¶
Mixin class with methods for Chromium-based browsers.
- DIRS = []¶
- BrowserHistoryRecord¶
- BrowserCookieRecord¶
- BrowserDownloadRecord¶
- BrowserExtensionRecord¶
- BrowserPasswordRecord¶
- check_compatible() None¶
- history(browser_name: str | None = None) Iterator[BrowserHistoryRecord]¶
Return browser history records from supported Chromium-based browsers.
- Parameters:
browser_name – The name of the browser as a string.
- Yields:
Records with the following fields – ts (datetime): Visit timestamp. browser (string): The browser from which the records are generated from. id (string): Record ID. url (uri): History URL. title (string): Page title. description (string): Page description. rev_host (string): Reverse hostname. visit_type (varint): Visit type. visit_count (varint): Amount of visits. hidden (string): Hidden value. typed (string): Typed value. session (varint): Session value. from_visit (varint): Record ID of the “from” visit. from_url (uri): URL of the “from” visit. source: (path): The source file of the history record.
- cookies(browser_name: str | None = None) Iterator[BrowserCookieRecord]¶
Return browser cookie records from supported Chromium-based browsers.
- Parameters:
browser_name – The name of the browser as a string.
- Yields:
Records with the following fields – ts_created (datetime): Cookie created timestamp. ts_last_accessed (datetime): Cookie last accessed timestamp. browser (string): The browser from which the records are generated from. name (string): The cookie name. value (string): The cookie value. host (string): Cookie host key. path (string): Cookie path. expiry (varint): Cookie expiry. is_secure (bool): Cookie secury flag. is_http_only (bool): Cookie http only flag. same_site (bool): Cookie same site flag.
- downloads(browser_name: str | None = None) Iterator[BrowserDownloadRecord]¶
Return browser download records from supported Chromium-based browsers.
- Parameters:
browser_name – The name of the browser as a string.
- Yields:
Records with the following fields – ts_start (datetime): Download start timestamp. ts_end (datetime): Download end timestamp. browser (string): The browser from which the records are generated from. id (string): Record ID. path (string): Download path. url (uri): Download URL. tab_url (string): Tab URL. tab_referrer_url (string): Referrer URL. size (varint): Download file size. mime_type (string): MIME type. state (varint): Download state number. source: (path): The source file of the download record.
- extensions(browser_name: str | None = None) Iterator[BrowserExtensionRecord]¶
Iterates over all installed extensions for a given browser.
- Parameters:
browser_name (str) – Name of the browser to scan for extensions.
- Yields:
Records with the following fields – ts_install (datetime): Extension install timestamp. ts_update (datetime): Extension update timestamp. browser (string): The browser from which the records are generated. id (string): Extension unique identifier. name (string): Name of the extension. short_name (string): Short name of the extension. default_title (string): Default title of the extension. description (string): Description of the extension. version (string): Version of the extension. ext_path (path): Relative path of the extension. from_webstore (boolean): Extension from webstore. permissions (string[]): Permissions of the extension. manifest (varint): Version of the extensions’ manifest. source: (path): The source file of the download record.
- passwords(browser_name: str = None) Iterator[BrowserPasswordRecord]¶
Return browser password records from Chromium browsers.
- Chromium on Linux has
basic,gnomeandkwalletmethods for password storage: basicciphertext prefixed withv10and encrypted with hard coded parameters.gnomeandkwalletciphertext prefixed withv11which is not implemented (yet).
Chromium on Windows uses DPAPI user encryption.
The SHA1 hash of the user’s password or the plaintext password is required to decrypt passwords when dealing with encrypted passwords created with Chromium v80 (February 2020) and newer.
You can supply a SHA1 hash or plaintext password using the keychain.
- Chromium on Linux has
- class dissect.target.plugins.apps.browser.chromium.ChromiumPlugin(target: dissect.target.target.Target)¶
Bases:
ChromiumMixin,dissect.target.plugins.apps.browser.browser.BrowserPluginChromium browser plugin.
- __namespace__ = 'chromium'¶
- DIRS = ['.config/chromium/Default', '.var/app/org.chromium.Chromium/config/chromium/Default',...¶
- history() Iterator[ChromiumMixin]¶
Return browser history records for Chromium browser.
- cookies() Iterator[ChromiumMixin]¶
Return browser cookie records for Chromium browser.
- downloads() Iterator[ChromiumMixin]¶
Return browser download records for Chromium browser.
- extensions() Iterator[ChromiumMixin]¶
Return browser extension records for Chromium browser.
- passwords() Iterator[ChromiumMixin]¶
Return browser password records for Chromium browser.