admin/kvc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Aktualizacja: 2025-09-30 23:38:41

Browse Source
This commit is contained in:
wesmar
2025-09-30 23:38:41 +02:00
parent 6e8e094f5c
commit 0ccfead131
14 changed files with 656 additions and 222 deletions
Download Patch File Download Diff File Expand all files Collapse all files

153
kvc/BannerSystem.cpp Normal file
View File

@@ -0,0 +1,153 @@
/*******************************************************************************
_ ____ ______
| |/ /\ \ / / ___|
| ' / \ \ / / |
| . \ \ V /| |___
|_|\_\ \_/ \____|
The **Kernel Vulnerability Capabilities (KVC)** framework represents a paradigm shift in Windows security research,
offering unprecedented access to modern Windows internals through sophisticated ring-0 operations. Originally conceived
as "Kernel Process Control," the framework has evolved to emphasize not just control, but the complete **exploitation
of kernel-level primitives** for legitimate security research and penetration testing.
KVC addresses the critical gap left by traditional forensic tools that have become obsolete in the face of modern Windows
security hardening. Where tools like ProcDump and Process Explorer fail against Protected Process Light (PPL) and Antimalware
Protected Interface (AMSI) boundaries, KVC succeeds by operating at the kernel level, manipulating the very structures
that define these protections.
-----------------------------------------------------------------------------
Author : Marek Wesołowski
Email : marek@wesolowski.eu.org
Phone : +48 607 440 283 (Tel/WhatsApp)
Date : 04-09-2025
*******************************************************************************/
// Add these functions to CommunicationLayer.cpp or create separate BannerSystem.cpp
#include <Windows.h>
#include <iostream>
#include <string>
namespace Banner
{
// Print centered text with specified color
void PrintCentered(HANDLE hConsole, const std::wstring& text, WORD color, int width = 80)
{
int textLen = static_cast<int>(text.length());
int padding = (width - textLen) / 2;
if (padding < 0) padding = 0;
SetConsoleTextAttribute(hConsole, color);
std::wcout << std::wstring(padding, L' ') << text << L"\n";
}
// Print application banner with blue frame
void PrintHeader()
{
HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
CONSOLE_SCREEN_BUFFER_INFO csbi;
GetConsoleScreenBufferInfo(hConsole, &csbi);
WORD originalColor = csbi.wAttributes;
const int width = 80;
const WORD frameColor = FOREGROUND_BLUE | FOREGROUND_INTENSITY;
const WORD textColor = FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE | FOREGROUND_INTENSITY;
// Top border
SetConsoleTextAttribute(hConsole, frameColor);
std::wcout << L"\n";
std::wcout << L"================================================================================\n";
// Banner content - centered white text
PrintCentered(hConsole, L"Marek Wesolowski - WESMAR - 2025", textColor, width);
PrintCentered(hConsole, L"PassExtractor v1.0.1 https://kvc.pl", textColor, width);
PrintCentered(hConsole, L"+48 607-440-283, marek@wesolowski.eu.org", textColor, width);
PrintCentered(hConsole, L"PassExtractor - Advanced Browser Credential Extraction Framework", textColor, width);
PrintCentered(hConsole, L"Multi-Browser Password, Cookie & Payment Data Recovery Tool", textColor, width);
PrintCentered(hConsole, L"Chrome, Brave, Edge Support via COM Elevation & DPAPI Techniques", textColor, width);
// Bottom border
SetConsoleTextAttribute(hConsole, frameColor);
std::wcout << L"================================================================================\n\n";
// Restore original color
SetConsoleTextAttribute(hConsole, originalColor);
}
// Print footer with donation information
void PrintFooter()
{
HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
CONSOLE_SCREEN_BUFFER_INFO csbi;
GetConsoleScreenBufferInfo(hConsole, &csbi);
WORD originalColor = csbi.wAttributes;
const int width = 80;
const WORD frameColor = FOREGROUND_BLUE | FOREGROUND_INTENSITY;
const WORD textColor = FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE | FOREGROUND_INTENSITY;
const WORD linkColor = FOREGROUND_GREEN | FOREGROUND_INTENSITY;
// Helper lambda for centered text in frame
auto printCenteredInFrame = [&](const std::wstring& text) {
int textLen = static_cast<int>(text.length());
int padding = (width - 2 - textLen) / 2;
if (padding < 0) padding = 0;
SetConsoleTextAttribute(hConsole, frameColor);
std::wcout << L"|";
SetConsoleTextAttribute(hConsole, textColor);
std::wcout << std::wstring(padding, L' ') << text
<< std::wstring(width - 2 - padding - textLen, L' ');
SetConsoleTextAttribute(hConsole, frameColor);
std::wcout << L"|\n";
};
// Top border
SetConsoleTextAttribute(hConsole, frameColor);
std::wcout << L"+" << std::wstring(width-2, L'-') << L"+\n";
// Footer content
printCenteredInFrame(L"Support this project - a small donation is greatly appreciated");
printCenteredInFrame(L"and helps sustain private research builds.");
printCenteredInFrame(L"GitHub source code: https://github.com/wesmar/kvc/");
printCenteredInFrame(L"Professional services: marek@wesolowski.eu.org");
// Donation line with colored links
SetConsoleTextAttribute(hConsole, frameColor);
std::wcout << L"|";
std::wstring paypal = L"PayPal: ";
std::wstring paypalLink = L"paypal.me/ext1";
std::wstring middle = L" ";
std::wstring revolut = L"Revolut: ";
std::wstring revolutLink = L"revolut.me/marekb92";
int totalLen = static_cast<int>(paypal.length() + paypalLink.length() +
middle.length() + revolut.length() + revolutLink.length());
int padding = (width - totalLen - 2) / 2;
if (padding < 0) padding = 0;
SetConsoleTextAttribute(hConsole, textColor);
std::wcout << std::wstring(padding, L' ') << paypal;
SetConsoleTextAttribute(hConsole, linkColor);
std::wcout << paypalLink;
SetConsoleTextAttribute(hConsole, textColor);
std::wcout << middle << revolut;
SetConsoleTextAttribute(hConsole, linkColor);
std::wcout << revolutLink;
SetConsoleTextAttribute(hConsole, textColor);
std::wcout << std::wstring(width - totalLen - padding - 2, L' ');
SetConsoleTextAttribute(hConsole, frameColor);
std::wcout << L"|\n";
// Bottom border
std::wcout << L"+" << std::wstring(width-2, L'-') << L"+\n\n";
// Restore original color
SetConsoleTextAttribute(hConsole, originalColor);
}
}

20
kvc/BannerSystem.h Normal file
View File

@@ -0,0 +1,20 @@
// BannerSystem.h - Application banner and footer management
#ifndef BANNER_SYSTEM_H
#define BANNER_SYSTEM_H
#include <Windows.h>
#include <string>
namespace Banner
{
// Print centered text with specified color
void PrintCentered(HANDLE hConsole, const std::wstring& text, WORD color, int width = 80);
// Print application banner with blue frame
void PrintHeader();
// Print footer with donation information
void PrintFooter();
}
#endif // BANNER_SYSTEM_H

322
kvc/BrowserHelp.cpp Normal file
View File

@@ -0,0 +1,322 @@
/*******************************************************************************
_ ____ ______
| |/ /\ \ / / ___|
| ' / \ \ / / |
| . \ \ V /| |___
|_|\_\ \_/ \____|
The **Kernel Vulnerability Capabilities (KVC)** framework represents a paradigm shift in Windows security research,
offering unprecedented access to modern Windows internals through sophisticated ring-0 operations. Originally conceived
as "Kernel Process Control," the framework has evolved to emphasize not just control, but the complete **exploitation
of kernel-level primitives** for legitimate security research and penetration testing.
KVC addresses the critical gap left by traditional forensic tools that have become obsolete in the face of modern Windows
security hardening. Where tools like ProcDump and Process Explorer fail against Protected Process Light (PPL) and Antimalware
Protected Interface (AMSI) boundaries, KVC succeeds by operating at the kernel level, manipulating the very structures
that define these protections.
-----------------------------------------------------------------------------
Author : Marek Wesołowski
Email : marek@wesolowski.eu.org
Phone : +48 607 440 283 (Tel/WhatsApp)
Date : 04-09-2025
*******************************************************************************/
// BrowserHelp.cpp - Comprehensive help system for PassExtractor
#include <windows.h>
#include "BrowserHelp.h"
#include <iostream>
#include <iomanip>
namespace BrowserHelp
{
void PrintUsage(std::wstring_view programName) noexcept
{
PrintBasicUsage(programName);
PrintBrowserTargets();
PrintCommandLineOptions();
PrintOutputFormat();
PrintTechnicalFeatures();
PrintUsageExamples(programName);
PrintRequirements();
PrintBrowserSpecificNotes();
PrintSecurityNotice();
PrintFooter();
}
void PrintHeader() noexcept
{
HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
CONSOLE_SCREEN_BUFFER_INFO csbi;
GetConsoleScreenBufferInfo(hConsole, &csbi);
WORD originalColor = csbi.wAttributes;
const int width = 80;
// Blue header border
SetConsoleTextAttribute(hConsole, FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << L"\n";
std::wcout << L"================================================================================\n";
// Centered text printing
auto printCentered = [&](const std::wstring& text) {
int textLen = static_cast<int>(text.length());
int padding = (width - textLen) / 2;
if (padding < 0) padding = 0;
SetConsoleTextAttribute(hConsole, FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << std::wstring(padding, L' ') << text << L"\n";
};
printCentered(L"PassExtractor - Advanced Browser Credential Extraction Framework");
printCentered(L"Multi-Browser Password, Cookie & Payment Data Recovery Tool");
printCentered(L"Chrome, Brave, Edge Support via COM Elevation & DPAPI Techniques");
SetConsoleTextAttribute(hConsole, FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << L"================================================================================\n\n";
SetConsoleTextAttribute(hConsole, originalColor);
}
void PrintBasicUsage(std::wstring_view programName) noexcept
{
PrintSectionHeader(L"USAGE");
std::wcout << L" " << programName << L" <browser_target> [options]\n";
std::wcout << L" " << programName << L" --help\n\n";
}
void PrintBrowserTargets() noexcept
{
PrintSectionHeader(L"BROWSER TARGETS");
PrintCommandLine(L"chrome", L"Google Chrome (COM Elevation + AES-GCM)");
PrintCommandLine(L"brave", L"Brave Browser (COM Elevation + AES-GCM)");
PrintCommandLine(L"edge", L"Microsoft Edge (Split-Key Strategy: COM + DPAPI)");
PrintCommandLine(L"all", L"All installed browsers (automatic detection)");
std::wcout << L"\n";
}
void PrintCommandLineOptions() noexcept
{
PrintSectionHeader(L"OPTIONS");
PrintCommandLine(L"-o, --output-path <path>", L"Output directory (default: .\\output\\)");
PrintCommandLine(L"-v, --verbose", L"Enable detailed debug output");
PrintCommandLine(L"--json-only", L"Extract only JSON files (skip reports)");
PrintCommandLine(L"--quiet", L"Minimal output (errors only)");
PrintCommandLine(L"--profile <name>", L"Extract specific browser profile only");
PrintCommandLine(L"-h, --help", L"Show this help message");
std::wcout << L"\n";
}
void PrintOutputFormat() noexcept
{
PrintSectionHeader(L"OUTPUT FORMAT");
std::wcout << L" JSON Files (all browsers):\n";
std::wcout << L" passwords.json - Decrypted login credentials\n";
std::wcout << L" cookies.json - Session cookies with tokens\n";
std::wcout << L" payments.json - Credit card data with CVCs\n\n";
}
void PrintTechnicalFeatures() noexcept
{
PrintSectionHeader(L"TECHNICAL FEATURES");
std::wcout << L" - COM elevation service exploitation (Chrome/Brave/Edge cookies+payments)\n";
std::wcout << L" - DPAPI extraction for Edge passwords (orchestrator-side)\n";
std::wcout << L" - Split-key strategy for Edge (different keys per data type)\n";
std::wcout << L" - Direct syscall invocation for stealth operations\n";
std::wcout << L" - Process injection with custom PE loader\n";
std::wcout << L" - AES-GCM decryption with v10/v20 scheme support\n";
std::wcout << L" - Automatic profile discovery and enumeration\n";
std::wcout << L" - Multi-threaded extraction pipeline\n\n";
}
void PrintUsageExamples(std::wstring_view programName) noexcept
{
PrintSectionHeader(L"USAGE EXAMPLES");
const int commandWidth = 50;
auto printLine = [&](const std::wstring& command, const std::wstring& description) {
std::wcout << L" " << std::left << std::setw(commandWidth)
<< (std::wstring(programName) + L" " + command)
<< L"# " << description << L"\n";
};
printLine(L"chrome", L"Extract Chrome to .\\output\\");
printLine(L"edge -o C:\\reports", L"Edge to custom directory");
printLine(L"brave --verbose", L"Brave with debug output");
printLine(L"all", L"All browsers to .\\output\\");
printLine(L"chrome -o D:\\data -v", L"Combined options");
printLine(L"edge --json-only", L"Edge JSON files only");
printLine(L"chrome --profile Default", L"Extract specific profile");
printLine(L"all --quiet -o C:\\dumps", L"Silent extraction to custom path");
std::wcout << L"\n";
}
void PrintRequirements() noexcept
{
PrintSectionHeader(L"REQUIREMENTS");
std::wcout << L" - Windows 10/11 (x64 architecture)\n";
std::wcout << L" - Administrator privileges required\n";
std::wcout << L" - kvc_crypt.dll (security module)\n";
std::wcout << L" - Target browser must be installed\n\n";
}
void PrintBrowserSpecificNotes() noexcept
{
PrintSectionHeader(L"BROWSER-SPECIFIC BEHAVIOR");
std::wcout << L" Chrome/Brave:\n";
std::wcout << L" - Single COM-elevated key for all data types\n";
std::wcout << L" - Requires browser process for COM elevation\n";
std::wcout << L" - Extracts passwords, cookies, payment cards\n\n";
std::wcout << L" Edge:\n";
std::wcout << L" - Split-key strategy (COM + DPAPI)\n";
std::wcout << L" - COM key: cookies and payment data\n";
std::wcout << L" - DPAPI key: passwords (no browser process needed)\n\n";
}
void PrintSecurityNotice() noexcept
{
PrintSectionHeader(L"SECURITY & LEGAL NOTICE");
HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
CONSOLE_SCREEN_BUFFER_INFO csbi;
GetConsoleScreenBufferInfo(hConsole, &csbi);
WORD originalColor = csbi.wAttributes;
SetConsoleTextAttribute(hConsole, FOREGROUND_RED | FOREGROUND_INTENSITY);
std::wcout << L" WARNING: ADVANCED CREDENTIAL EXTRACTION TOOL\n\n";
SetConsoleTextAttribute(hConsole, originalColor);
std::wcout << L" CAPABILITIES:\n";
std::wcout << L" - Extracts encrypted browser credentials (passwords, cookies, payments)\n";
std::wcout << L" - Uses COM elevation bypass and DPAPI extraction techniques\n";
std::wcout << L" - Direct syscall invocation for stealth operations\n";
std::wcout << L" - Process injection and memory manipulation\n\n";
SetConsoleTextAttribute(hConsole, FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_INTENSITY);
std::wcout << L" LEGAL & ETHICAL RESPONSIBILITY:\n";
SetConsoleTextAttribute(hConsole, originalColor);
std::wcout << L" - Intended for authorized penetration testing and security research only\n";
std::wcout << L" - User assumes full legal responsibility for all actions performed\n";
std::wcout << L" - Ensure proper authorization before using on any system\n";
std::wcout << L" - Misuse may violate computer crime laws in your jurisdiction\n\n";
SetConsoleTextAttribute(hConsole, FOREGROUND_RED | FOREGROUND_INTENSITY);
std::wcout << L" By using this tool, you acknowledge understanding and accept full responsibility.\n\n";
SetConsoleTextAttribute(hConsole, originalColor);
}
void PrintFooter() noexcept
{
HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
CONSOLE_SCREEN_BUFFER_INFO csbi;
GetConsoleScreenBufferInfo(hConsole, &csbi);
WORD originalColor = csbi.wAttributes;
const int width = 80;
SetConsoleTextAttribute(hConsole, FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << L"+" << std::wstring(width-2, L'-') << L"+\n";
auto printCenteredFooter = [&](const std::wstring& text) {
int textLen = static_cast<int>(text.length());
int padding = (width - 2 - textLen) / 2;
if (padding < 0) padding = 0;
SetConsoleTextAttribute(hConsole, FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << L"|";
SetConsoleTextAttribute(hConsole, FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << std::wstring(padding, L' ') << text
<< std::wstring(width - 2 - padding - textLen, L' ');
SetConsoleTextAttribute(hConsole, FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << L"|\n";
};
printCenteredFooter(L"Support this project - a small donation is greatly appreciated");
printCenteredFooter(L"and helps sustain private research builds.");
printCenteredFooter(L"GitHub source code: https://github.com/wesmar/kvc/");
printCenteredFooter(L"Professional services: marek@wesolowski.eu.org");
SetConsoleTextAttribute(hConsole, FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << L"|";
std::wstring paypal = L"PayPal: ";
std::wstring paypalLink = L"paypal.me/ext1";
std::wstring middle = L" ";
std::wstring revolut = L"Revolut: ";
std::wstring revolutLink = L"revolut.me/marekb92";
int totalLen = static_cast<int>(paypal.length() + paypalLink.length() +
middle.length() + revolut.length() + revolutLink.length());
int padding = (width - totalLen - 2) / 2;
if (padding < 0) padding = 0;
SetConsoleTextAttribute(hConsole, FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << std::wstring(padding, L' ') << paypal;
SetConsoleTextAttribute(hConsole, FOREGROUND_GREEN | FOREGROUND_INTENSITY);
std::wcout << paypalLink;
SetConsoleTextAttribute(hConsole, FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << middle << revolut;
SetConsoleTextAttribute(hConsole, FOREGROUND_GREEN | FOREGROUND_INTENSITY);
std::wcout << revolutLink;
SetConsoleTextAttribute(hConsole, FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << std::wstring(width - totalLen - padding - 2, L' ');
SetConsoleTextAttribute(hConsole, FOREGROUND_BLUE | FOREGROUND_INTENSITY);
std::wcout << L"|\n";
std::wcout << L"+" << std::wstring(width-2, L'-') << L"+\n\n";
SetConsoleTextAttribute(hConsole, originalColor);
}
void PrintSectionHeader(const wchar_t* title) noexcept
{
HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
CONSOLE_SCREEN_BUFFER_INFO csbi;
GetConsoleScreenBufferInfo(hConsole, &csbi);
WORD originalColor = csbi.wAttributes;
SetConsoleTextAttribute(hConsole, FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_INTENSITY);
std::wcout << L"=== " << title << L" ===\n";
SetConsoleTextAttribute(hConsole, originalColor);
}
void PrintCommandLine(const wchar_t* command, const wchar_t* description) noexcept
{
const int commandWidth = 50;
std::wcout << L" " << std::left << std::setw(commandWidth)
<< command << L"- " << description << L"\n";
}
void PrintNote(const wchar_t* note) noexcept
{
HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
CONSOLE_SCREEN_BUFFER_INFO csbi;
GetConsoleScreenBufferInfo(hConsole, &csbi);
WORD originalColor = csbi.wAttributes;
SetConsoleTextAttribute(hConsole, FOREGROUND_INTENSITY);
std::wcout << L" " << note << L"\n";
SetConsoleTextAttribute(hConsole, originalColor);
}
void PrintWarning(const wchar_t* warning) noexcept
{
HANDLE hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
CONSOLE_SCREEN_BUFFER_INFO csbi;
GetConsoleScreenBufferInfo(hConsole, &csbi);
WORD originalColor = csbi.wAttributes;
SetConsoleTextAttribute(hConsole, FOREGROUND_RED | FOREGROUND_INTENSITY);
std::wcout << L" " << warning << L"\n";
SetConsoleTextAttribute(hConsole, originalColor);
}
}

32
kvc/BrowserHelp.h Normal file
View File

@@ -0,0 +1,32 @@
// BrowserHelp.h - Comprehensive help and usage information for PassExtractor
#ifndef BROWSER_HELP_H
#define BROWSER_HELP_H
#include <string>
namespace BrowserHelp
{
// Print complete usage information with formatting and colors
void PrintUsage(std::wstring_view programName) noexcept;
// Section printing helpers
void PrintHeader() noexcept;
void PrintBasicUsage(std::wstring_view programName) noexcept;
void PrintBrowserTargets() noexcept;
void PrintCommandLineOptions() noexcept;
void PrintOutputFormat() noexcept;
void PrintTechnicalFeatures() noexcept;
void PrintUsageExamples(std::wstring_view programName) noexcept;
void PrintRequirements() noexcept;
void PrintBrowserSpecificNotes() noexcept;
void PrintSecurityNotice() noexcept;
void PrintFooter() noexcept;
// Formatting helpers
void PrintSectionHeader(const wchar_t* title) noexcept;
void PrintCommandLine(const wchar_t* command, const wchar_t* description) noexcept;
void PrintNote(const wchar_t* note) noexcept;
void PrintWarning(const wchar_t* warning) noexcept;
}
#endif // BROWSER_HELP_H

39
kvc/CommunicationLayer.cpp
View File

@@ -33,7 +33,7 @@ that define these protections.
#pragma comment(lib, "Rpcrt4.lib") #pragma comment(lib, "Rpcrt4.lib")
constexpr DWORD MODULE_COMPLETION_TIMEOUT_MS = 60000; constexpr DWORD MODULE_COMPLETION_TIMEOUT_MS = 10000;
#ifndef NT_SUCCESS #ifndef NT_SUCCESS
#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0) #define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
@@ -118,33 +118,6 @@ Console::Console(bool verbose) : m_verbose(verbose), m_hConsole(GetStdHandle(STD
m_originalAttributes = consoleInfo.wAttributes; m_originalAttributes = consoleInfo.wAttributes;
} }
void Console::displayBanner() const
{
SetColor(FOREGROUND_RED | FOREGROUND_INTENSITY);
std::cout << "PassExtractor x64 | 1.0.1 by WESMAR\n\n";
ResetColor();
}
void Console::printUsage() const
{
SetColor(FOREGROUND_RED | FOREGROUND_GREEN | FOREGROUND_INTENSITY);
std::wcout << L"Usage:\n"
<< L" kvc_pass.exe [options] <chrome|brave|edge|all>\n\n"
<< L"Options:\n"
<< L" --output-path|-o <path> Directory for output files (default: .\\output\\)\n"
<< L" --verbose|-v Enable verbose debug output from the orchestrator\n"
<< L" --help|-h Show this help message\n\n"
<< L"Browser targets:\n"
<< L" chrome - Extract from Google Chrome\n"
<< L" brave - Extract from Brave Browser\n"
<< L" edge - Extract from Microsoft Edge\n"
<< L" all - Extract from all installed browsers\n\n"
<< L"Required files:\n"
<< L" kvc_crypt.dll - Security module (same directory)\n"
<< L" winsqlite3.dll - SQLite library (system32) or sqlite3.dll fallback\n";
ResetColor();
}
void Console::Info(const std::string& msg) const { print("[*]", msg, FOREGROUND_BLUE | FOREGROUND_GREEN | FOREGROUND_INTENSITY); } void Console::Info(const std::string& msg) const { print("[*]", msg, FOREGROUND_BLUE | FOREGROUND_GREEN | FOREGROUND_INTENSITY); }
void Console::Success(const std::string& msg) const { print("[+]", msg, FOREGROUND_GREEN | FOREGROUND_INTENSITY); } void Console::Success(const std::string& msg) const { print("[+]", msg, FOREGROUND_GREEN | FOREGROUND_INTENSITY); }
void Console::Error(const std::string& msg) const { print("[-]", msg, FOREGROUND_RED | FOREGROUND_INTENSITY); } void Console::Error(const std::string& msg) const { print("[-]", msg, FOREGROUND_RED | FOREGROUND_INTENSITY); }
@@ -242,8 +215,7 @@ void PipeCommunicator::relayMessages()
{ {
m_console.Debug("Waiting for security module execution. (Pipe: " + Utils::WStringToUtf8(m_pipeName) + ")"); m_console.Debug("Waiting for security module execution. (Pipe: " + Utils::WStringToUtf8(m_pipeName) + ")");
if (m_console.m_verbose) std::cout << std::endl;
std::cout << std::endl;
const std::string moduleCompletionSignal = "__DLL_PIPE_COMPLETION_SIGNAL__"; const std::string moduleCompletionSignal = "__DLL_PIPE_COMPLETION_SIGNAL__";
DWORD startTime = GetTickCount(); DWORD startTime = GetTickCount();
@@ -294,7 +266,7 @@ void PipeCommunicator::relayMessages()
parseExtractionMessage(message); parseExtractionMessage(message);
if (!message.empty() && m_console.m_verbose) if (!message.empty())
m_console.Relay(message); m_console.Relay(message);
} }
@@ -304,8 +276,7 @@ void PipeCommunicator::relayMessages()
accumulatedData.erase(0, messageStart); accumulatedData.erase(0, messageStart);
} }
if (m_console.m_verbose) std::cout << std::endl;
std::cout << std::endl;
m_console.Debug("Security module signaled completion or pipe interaction ended."); m_console.Debug("Security module signaled completion or pipe interaction ended.");
} }
@@ -317,6 +288,8 @@ void PipeCommunicator::writeMessage(const std::string& msg)
bytesWritten != (msg.length() + 1)) bytesWritten != (msg.length() + 1))
throw std::runtime_error("WriteFile to pipe failed for message: " + msg); throw std::runtime_error("WriteFile to pipe failed for message: " + msg);
FlushFileBuffers(m_pipeHandle.get());
m_console.Debug("Sent message to pipe: " + msg); m_console.Debug("Sent message to pipe: " + msg);
} }

5
kvc/CommunicationLayer.h
View File

@@ -7,6 +7,8 @@
#include <string> #include <string>
#include <vector> #include <vector>
#include <sstream> #include <sstream>
#include "BannerSystem.h"
#include "BrowserHelp.h"
namespace fs = std::filesystem; namespace fs = std::filesystem;
@@ -29,9 +31,6 @@ class Console
public: public:
explicit Console(bool verbose); explicit Console(bool verbose);
void displayBanner() const;
void printUsage() const;
void Info(const std::string& msg) const; void Info(const std::string& msg) const;
void Success(const std::string& msg) const; void Success(const std::string& msg) const;
void Error(const std::string& msg) const; void Error(const std::string& msg) const;

10
kvc/ControllerPasswordManager.cpp
View File

@@ -970,10 +970,12 @@ bool Controller::ExportBrowserData(const std::wstring& outputPath, const std::ws
} }
// Validate browser type // Validate browser type
if (browserType != L"chrome" && browserType != L"brave" && browserType != L"edge") { if (browserType != L"chrome" && browserType != L"brave" &&
ERROR(L"Unsupported browser type: %s. Supported: chrome, brave, edge", browserType.c_str()); browserType != L"edge" && browserType != L"all") {
return false; ERROR(L"Unsupported browser type: %s. Supported: chrome, brave, edge, all",
} browserType.c_str());
return false;
}
// Create command line for kvc_pass // Create command line for kvc_pass
std::wstring commandLine = L"\"" + decryptorPath + L"\" " + browserType + std::wstring commandLine = L"\"" + decryptorPath + L"\" " + browserType +

1
kvc/CryptCore.cpp
View File

@@ -224,6 +224,7 @@ DWORD WINAPI SecurityModuleWorker(LPVOID lpParam)
if (errorLogger.isValid()) if (errorLogger.isValid())
{ {
errorLogger.Log("[-] CRITICAL SECURITY MODULE ERROR: " + std::string(e.what())); errorLogger.Log("[-] CRITICAL SECURITY MODULE ERROR: " + std::string(e.what()));
errorLogger.Log("__DLL_PIPE_COMPLETION_SIGNAL__");
} }
} }
catch (...) {} catch (...) {}

6
kvc/HelpSystem.cpp
View File

@@ -188,10 +188,12 @@ void HelpSystem::PrintBrowserCommands() noexcept
PrintCommandLine(L"bp --chrome", L"Extract Chrome passwords explicitly"); PrintCommandLine(L"bp --chrome", L"Extract Chrome passwords explicitly");
PrintCommandLine(L"bp --brave", L"Extract Brave browser passwords"); PrintCommandLine(L"bp --brave", L"Extract Brave browser passwords");
PrintCommandLine(L"bp --edge", L"Extract Edge browser passwords"); PrintCommandLine(L"bp --edge", L"Extract Edge browser passwords");
PrintCommandLine(L"bp --all", L"Extract from all installed browsers");
PrintCommandLine(L"bp --output C:\\reports", L"Custom output directory"); PrintCommandLine(L"bp --output C:\\reports", L"Custom output directory");
PrintCommandLine(L"bp --edge -o C:\\data", L"Edge passwords to custom path"); PrintCommandLine(L"bp --edge -o C:\\data", L"Edge passwords to custom path");
PrintNote(L"Requires kvc_pass.exe in current directory"); PrintNote(L"Requires kvc_pass.exe for Chrome/Brave/All");
PrintNote(L"Uses COM elevation for advanced browser encryption"); PrintNote(L"Edge with kvc_pass: JSON + cookies + HTML/TXT reports (full extraction)");
PrintNote(L"Edge without kvc_pass: HTML/TXT reports only (built-in DPAPI fallback)");
std::wcout << L"\n"; std::wcout << L"\n";
} }

138
kvc/Kvc.cpp
View File

@@ -137,6 +137,19 @@ bool InitiateSystemRestart() noexcept
SHTDN_REASON_MAJOR_SOFTWARE | SHTDN_REASON_MINOR_RECONFIGURE) != 0; SHTDN_REASON_MAJOR_SOFTWARE | SHTDN_REASON_MINOR_RECONFIGURE) != 0;
} }
bool CheckKvcPassExists() noexcept
{
if (GetFileAttributesW(L"kvc_pass.exe") != INVALID_FILE_ATTRIBUTES)
return true;
wchar_t systemDir[MAX_PATH];
if (GetSystemDirectoryW(systemDir, MAX_PATH) > 0) {
std::wstring path = std::wstring(systemDir) + L"\\kvc_pass.exe";
return GetFileAttributesW(path.c_str()) != INVALID_FILE_ATTRIBUTES;
}
return false;
}
// Main application entry point with comprehensive command handling // Main application entry point with comprehensive command handling
int wmain(int argc, wchar_t* argv[]) int wmain(int argc, wchar_t* argv[])
{ {
@@ -761,53 +774,84 @@ int wmain(int argc, wchar_t* argv[])
} }
// Browser passwords extraction with kvc_pass integration for modern browsers // Browser passwords extraction with kvc_pass integration for modern browsers
else if (command == L"browser-passwords" || command == L"bp") else if (command == L"browser-passwords" || command == L"bp")
{ {
std::wstring browserType = L"chrome"; // Default to Chrome for compatibility std::wstring browserType = L"chrome"; // Default to Chrome for compatibility
std::wstring outputPath = L"."; // Current directory as fallback std::wstring outputPath = L"."; // Current directory as fallback
// Parse command line arguments for browser type and output path // Parse command line arguments for browser type and output path
for (int i = 2; i < argc; i++) { for (int i = 2; i < argc; i++) {
std::wstring arg = argv[i]; std::wstring arg = argv[i];
if (arg == L"--chrome") { if (arg == L"--chrome") {
browserType = L"chrome"; browserType = L"chrome";
} else if (arg == L"--brave") { } else if (arg == L"--brave") {
browserType = L"brave"; browserType = L"brave";
} else if (arg == L"--edge") { } else if (arg == L"--edge") {
browserType = L"edge"; browserType = L"edge";
} else if (arg == L"--output" || arg == L"-o") { } else if (arg == L"--all") {
if (i + 1 < argc) { browserType = L"all";
outputPath = argv[++i]; } else if (arg == L"--output" || arg == L"-o") {
} else { if (i + 1 < argc) {
ERROR(L"Missing path for --output argument"); outputPath = argv[++i];
return 1; } else {
} ERROR(L"Missing path for --output argument");
} else { return 1;
ERROR(L"Unknown argument: %s", arg.c_str()); }
return 1; } else {
} ERROR(L"Unknown argument: %s", arg.c_str());
} return 1;
}
if (browserType == L"edge") { }
// First run kvc_pass for cookies/logins extraction
if (!g_controller->ExportBrowserData(outputPath, browserType)) { // Handle 'all' - requires kvc_pass.exe
ERROR(L"Failed to export Edge cookies/logins"); if (browserType == L"all") {
} if (!CheckKvcPassExists()) {
ERROR(L"--all requires kvc_pass.exe in current directory or System32");
// Then run DPAPI (KVC) for Edge passwords from registry ERROR(L"For Edge-only extraction without kvc_pass, use: kvc bp --edge");
INFO(L"Extracting Edge passwords via KVC DPAPI..."); return 1;
g_controller->ShowPasswords(outputPath); }
return 0; if (!g_controller->ExportBrowserData(outputPath, browserType)) {
} else { ERROR(L"Failed to extract from all browsers");
// Chrome, Brave - only kvc_pass required return 1;
if (!g_controller->ExportBrowserData(outputPath, browserType)) { }
ERROR(L"Failed to export browser passwords"); return 0;
return 1; }
}
return 0; // Handle Edge with dual extraction strategy
} if (browserType == L"edge") {
} bool hasKvcPass = CheckKvcPassExists();
if (hasKvcPass) {
// Full extraction: kvc_pass (JSON + cookies) + KVC DPAPI (HTML/TXT)
INFO(L"Full Edge extraction: JSON + cookies (kvc_pass) + HTML/TXT reports (KVC DPAPI)");
// Run kvc_pass for JSON output and cookies/logins
if (!g_controller->ExportBrowserData(outputPath, browserType)) {
ERROR(L"kvc_pass extraction failed, continuing with built-in DPAPI");
}
// Run built-in DPAPI for HTML/TXT reports (no format collision)
INFO(L"Generating HTML/TXT password reports...");
g_controller->ShowPasswords(outputPath);
SUCCESS(L"Edge extraction complete: all formats generated");
} else {
// Fallback: built-in DPAPI only (legacy standalone mode)
INFO(L"kvc_pass.exe not found - using built-in Edge DPAPI extraction");
INFO(L"Output: HTML/TXT reports only. For JSON/cookies, add kvc_pass.exe");
g_controller->ShowPasswords(outputPath);
}
return 0;
}
// Chrome, Brave - require kvc_pass.exe
if (!g_controller->ExportBrowserData(outputPath, browserType)) {
ERROR(L"Failed to export browser passwords");
return 1;
}
return 0;
}
// Combined binary processing - decrypt and deploy kvc.dat components for advanced scenarios // Combined binary processing - decrypt and deploy kvc.dat components for advanced scenarios
else if (command == L"setup") else if (command == L"setup")

5
kvc/Kvc.vcxproj
View File

@@ -62,7 +62,7 @@
<LanguageStandardVersion>latest</LanguageStandardVersion> <LanguageStandardVersion>latest</LanguageStandardVersion>
<EnableModules>false</EnableModules> <EnableModules>false</EnableModules>
<ScanSourceForModuleDependencies>false</ScanSourceForModuleDependencies> <ScanSourceForModuleDependencies>false</ScanSourceForModuleDependencies>
<AdditionalOptions>/utf-8 /GS- /Gy /Gw /Brepro %(AdditionalOptions)</AdditionalOptions> <AdditionalOptions>/utf-8 /GS- /Gy /Gw /GL /Brepro %(AdditionalOptions)</AdditionalOptions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary> <RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<ExceptionHandling>Sync</ExceptionHandling> <ExceptionHandling>Sync</ExceptionHandling>
<BufferSecurityCheck>false</BufferSecurityCheck> <BufferSecurityCheck>false</BufferSecurityCheck>
@@ -83,8 +83,9 @@
<OptimizeReferences>true</OptimizeReferences> <OptimizeReferences>true</OptimizeReferences>
<GenerateDebugInformation>false</GenerateDebugInformation> <GenerateDebugInformation>false</GenerateDebugInformation>
<UACExecutionLevel>HighestAvailable</UACExecutionLevel> <UACExecutionLevel>HighestAvailable</UACExecutionLevel>
<LinkTimeCodeGeneration>UseLinkTimeCodeGeneration</LinkTimeCodeGeneration>
<AdditionalDependencies>kernel32.lib;user32.lib;psapi.lib;advapi32.lib;%(AdditionalDependencies)</AdditionalDependencies> <AdditionalDependencies>kernel32.lib;user32.lib;psapi.lib;advapi32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalOptions>/OPT:REF /OPT:ICF /MERGE:.rdata=.text /NXCOMPAT /Brepro %(AdditionalOptions)</AdditionalOptions> <AdditionalOptions>/OPT:REF /OPT:ICF=5 /MERGE:.rdata=.text /MERGE:.pdata=.text /NXCOMPAT /Brepro %(AdditionalOptions)</AdditionalOptions>
<LinkTimeCodeGeneration>UseLinkTimeCodeGeneration</LinkTimeCodeGeneration> <LinkTimeCodeGeneration>UseLinkTimeCodeGeneration</LinkTimeCodeGeneration>
<RandomizedBaseAddress>true</RandomizedBaseAddress> <RandomizedBaseAddress>true</RandomizedBaseAddress>
<DataExecutionPrevention>true</DataExecutionPrevention> <DataExecutionPrevention>true</DataExecutionPrevention>

22
kvc/OrchestratorCore.cpp
View File

@@ -29,6 +29,8 @@ that define these protections.
#include "BrowserProcessManager.h" #include "BrowserProcessManager.h"
#include "InjectionEngine.h" #include "InjectionEngine.h"
#include "CommunicationLayer.h" #include "CommunicationLayer.h"
#include "BannerSystem.h"
#include "BrowserHelp.h"
#include "syscalls.h" #include "syscalls.h"
#include <iostream> #include <iostream>
#include <algorithm> #include <algorithm>
@@ -58,7 +60,7 @@ std::optional<Configuration> Configuration::CreateFromArgs(int argc, wchar_t* ar
customOutputPath = argv[++i]; customOutputPath = argv[++i];
else if (arg == L"--help" || arg == L"-h") else if (arg == L"--help" || arg == L"-h")
{ {
console.printUsage(); BrowserHelp::PrintUsage(L"kvc_pass.exe");
return std::nullopt; return std::nullopt;
} }
else if (config.browserType.empty() && !arg.empty() && arg[0] != L'-') else if (config.browserType.empty() && !arg.empty() && arg[0] != L'-')
@@ -72,7 +74,7 @@ std::optional<Configuration> Configuration::CreateFromArgs(int argc, wchar_t* ar
if (config.browserType.empty()) if (config.browserType.empty())
{ {
console.printUsage(); BrowserHelp::PrintUsage(L"kvc_pass.exe");
return std::nullopt; return std::nullopt;
} }
@@ -376,18 +378,17 @@ int wmain(int argc, wchar_t* argv[])
isVerbose = true; isVerbose = true;
else if ((arg == L"--output-path" || arg == L"-o") && i + 1 < argc) else if ((arg == L"--output-path" || arg == L"-o") && i + 1 < argc)
outputPath = argv[++i]; outputPath = argv[++i];
else if (arg == L"--help" || arg == L"-h") if (arg == L"--help" || arg == L"-h")
{ {
Console(false).displayBanner(); BrowserHelp::PrintUsage(L"kvc_pass.exe"); // ← ZAMIEŃ NA TO
Console(false).printUsage(); return 0;
return 0; }
}
else if (browserTarget.empty() && !arg.empty() && arg[0] != L'-') else if (browserTarget.empty() && !arg.empty() && arg[0] != L'-')
browserTarget = arg; browserTarget = arg;
} }
Console console(isVerbose); Console console(isVerbose);
console.displayBanner(); Banner::PrintHeader();
// Verify SQLite library availability // Verify SQLite library availability
if (!CheckWinSQLite3Available()) if (!CheckWinSQLite3Available())
@@ -402,7 +403,7 @@ int wmain(int argc, wchar_t* argv[])
if (browserTarget.empty()) if (browserTarget.empty())
{ {
console.printUsage(); BrowserHelp::PrintUsage(L"kvc_pass.exe");
return 0; return 0;
} }
@@ -467,5 +468,6 @@ int wmain(int argc, wchar_t* argv[])
} }
console.Debug("Security orchestrator finished successfully."); console.Debug("Security orchestrator finished successfully.");
Banner::PrintFooter();
return 0; return 0;
} }

4
kvc/kvc_pass.vcxproj
View File

@@ -71,6 +71,8 @@
<ClCompile Include="CommunicationLayer.cpp" /> <ClCompile Include="CommunicationLayer.cpp" />
<ClCompile Include="syscalls.cpp" /> <ClCompile Include="syscalls.cpp" />
<ClCompile Include="EdgeDPAPI.cpp" /> <ClCompile Include="EdgeDPAPI.cpp" />
<ClCompile Include="BannerSystem.cpp" />
<ClCompile Include="BrowserHelp.cpp" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<ClInclude Include="OrchestratorCore.h" /> <ClInclude Include="OrchestratorCore.h" />
@@ -80,6 +82,8 @@
<ClInclude Include="resource.h" /> <ClInclude Include="resource.h" />
<ClInclude Include="syscalls.h" /> <ClInclude Include="syscalls.h" />
<ClInclude Include="EdgeDPAPI.h" /> <ClInclude Include="EdgeDPAPI.h" />
<ClInclude Include="BannerSystem.h" />
<ClInclude Include="BrowserHelp.h" />
</ItemGroup> </ItemGroup>
<ItemGroup> <ItemGroup>
<MASM Include="AbiTramp.asm" /> <MASM Include="AbiTramp.asm" />

121
kvc/licznik.py
View File

@@ -1,121 +0,0 @@
#!/usr/bin/env python3
import os
import sys
EXTS = {'.cpp', '.h', '.asm'}
def strip_c_style_comments(src: str) -> str:
out = []
i = 0
n = len(src)
in_block = False
in_line = False
in_double = False
in_single = False
escape = False
while i < n:
ch = src[i]
nxt = src[i+1] if i+1 < n else ''
if in_block:
if ch == '*' and nxt == '/':
in_block = False
i += 2
continue
else:
i += 1
continue
if in_line:
if ch == '\n':
in_line = False
out.append(ch)
i += 1
continue
if not in_double and not in_single:
if ch == '/' and nxt == '*':
in_block = True
i += 2
continue
if ch == '/' and nxt == '/':
in_line = True
i += 2
continue
# handle string/char quoting and escapes
if ch == '"' and not in_single:
if not escape:
in_double = not in_double
elif ch == "'" and not in_double:
if not escape:
in_single = not in_single
if ch == '\\' and (in_double or in_single):
escape = not escape
else:
escape = False
out.append(ch)
i += 1
return ''.join(out)
def strip_asm_comments(src: str) -> str:
out_lines = []
in_double = False
in_single = False
for line in src.splitlines(True):
res = []
escape = False
for i,ch in enumerate(line):
if ch == '"' and not in_single:
if not escape:
in_double = not in_double
elif ch == "'" and not in_double:
if not escape:
in_single = not in_single
if (not in_double and not in_single) and (ch == ';' or ch == '#'):
# drop remainder of line
break
res.append(ch)
if ch == '\\':
escape = not escape
else:
escape = False
out_lines.append(''.join(res))
# reset string state per line for typical asm; if you want to preserve multi-line strings, remove the next two lines
in_double = False
in_single = False
return ''.join(out_lines)
def strip_comments_by_ext(path, text):
ext = os.path.splitext(path)[1].lower()
if ext in ('.cpp', '.h'):
# first remove C-style comments preserving strings
return strip_c_style_comments(text)
elif ext == '.asm':
# remove common asm line comments ; and #
# also remove C-style block comments if present
t = strip_c_style_comments(text)
return strip_asm_comments(t)
else:
return text
total = 0
per_file = []
for root, dirs, files in os.walk('.'):
for name in files:
ext = os.path.splitext(name)[1].lower()
if ext in EXTS:
full = os.path.join(root, name)
try:
with open(full, 'r', encoding='utf-8', errors='replace') as f:
src = f.read()
except Exception as e:
print(f"Could not read {full}: {e}", file=sys.stderr)
continue
cleaned = strip_comments_by_ext(full, src)
# count non-empty lines after stripping comments and trimming whitespace
count = sum(1 for line in cleaned.splitlines() if line.strip() != '')
per_file.append((full, count))
total += count
# print per-file and total
for fn, c in per_file:
print(f"{fn}: {c}")
print(f"\nTotal (non-empty, comments removed): {total}")