Cookie Editor 加解密算法

Cookie Editor 加解密算法

Cookie Editor v2.1.0.0提供了编辑浏览器所有Cookie的功能,并且可以导入、导出文件功能。

但因导出时必须设置密码进行加密,所以难以使用文本编辑工具对Cookie进行修改。

查看这个插件的源代码后发现使用了Web Crypto API中的AES-GCM

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
const m = function() {}

v = function(a, b, c, d, e, f) {
       // console.log(a, b, c, d, e, f)
       a = (new TextEncoder("utf-8")).encode(a);
       a = new Uint8Array(a);
       b = (new TextEncoder("utf-8")).encode(b);
       const g = new Uint8Array(b)
         , h = function(a) {
           f(new Uint8Array(a))
       };
       crypto.subtle.importKey("raw", a, {
           name: "PBKDF2"
       }, !1, ["deriveBits"]).then(function(a) {
           crypto.subtle.deriveBits({
               name: "PBKDF2",
               salt: g,
               iterations: c,
               hash: e
           }, a, 8 * d).then(h, m)
       }, m)
   }

   J = function(a, b, c, d) {
       var e, f;
       const g = function(a) {
           a = Array.from(f).concat(Array.from(new Uint8Array(a)));
           d(btoa(String.fromCharCode.apply(null, new Uint8Array(a))))
       }
         , k = function(b) {
           window.crypto.subtle.encrypt({
               name: "AES-GCM",
               iv: f,
               tagLength: 128
           }, b, (new TextEncoder("utf-8")).encode(a)).then(g, m)
       }
         , h = function(a) {
           f = a;
           window.crypto.subtle.importKey("raw", e, {
               name: "AES-GCM"
           }, !1, ["encrypt"]).then(k, m)
       };
       v(b, b + b, Math.pow(2, c), 32, "SHA-256", function(c) {
           e = c;
           c = btoa(String.fromCharCode.apply(null, window.crypto.getRandomValues(new Uint8Array(12))));
           v(b + c, a , 1, 12, "SHA-256", h)
       })
   }

   
   K = function(a) {
       return new Uint8Array(atob(a).split("").map(a=>a.charCodeAt(0)))
   }

   L = function(a, b, c, d) {
       const e = Array.from(K(a))
         , f = function(a) {
           d((new TextDecoder("utf-8")).decode(new Uint8Array(a)))
       }
         , g = function(a) {
           window.crypto.subtle.decrypt({
               name: "AES-GCM",
               iv: new Uint8Array(e.slice(0, 12)),
               tagLength: 128
           }, a, new Uint8Array(e.slice(12))).then(f, m)
       };
       v(b, b + b, Math.pow(2, c), 32, "SHA-256", function(a) {
           window.crypto.subtle.importKey("raw", a, {
               name: "AES-GCM"
           }, !1, ["decrypt"]).then(g, m)
       })
   }

   // J: encrypt
   // L: decrypt

   // J('plain_text',"password",10,function(a){
   //     L(a, "password", 10, function(a){console.log(a)})
   // })

// 修改Cookie
   var json_str = '{"url":"https://www.hotcleaner.com/cookie-editor/cookie-manager.html","version":2,"data":"AXdPbb9bVB5iMGcZFWsijGDZqVkLupESXAHqtC0jI4EFVLaceoTRincLZnQlj+sExuf9C9nDt9FYY8jsM8zHYfUC7nVMw4jV4kYmQ+ly1vxf1YquNweT2Yo1NsONf5n61AutuH9IsNuWzbz6Al45bgMw1YY2o1nHkJVuteWEHyxyu9xN/vXyzZl/1oZ4hr8R9z676IWGZE7yG9WQF8+u6kLud5M0gxS/yevgmCO26hmCa/UUtdTmkKQhVYybiopRUEgSlA2RWlYRufp6OX8EoSh/IO8CHlbNZEl3MJkn7Kcz8aR50/2/3VXQKB0PXr+7Z/KVt87obVfPUUhoMfxkEZc/pJqCr3M6BmfvIkJaGwEO7tHMstTivW8O8TpvwyAXktYAH9x5BvlPDin/LR6oTJ+s"}'
   var d = JSON.parse(json_str)
   var data = d.data;
   L(data,"123456", 10, function(a){
       var d2 = JSON.parse(a)
       d2[0]['value']='test'
       var s = JSON.stringify(d2)
       J(s,"123456",10,function(a){
           console.log(a)
           d['data']=a
           console.log(JSON.stringify(d))
       })
   })

image-20210413092125638