知秋

观一叶而知秋

0%

解密Chrome浏览器保存在本地的用户名密码

发表于

谷歌(包括微软Edge)浏览器保存的Cookie及网站用户名密码都是以sqlite数据库文件存储在本地的,Linux系统下的目录为~/.config/microsoft-edge/Default,Windows系统下目录为C:\Users{user}\AppData\Local\Google\Chrome\User Data\Default,其中的Login Data和Cookies文件就是存储密码的数据库文件。

注: Windows、Linux和Mac获取password_value的逻辑稍有不同,Windows的密钥是存储在文件中的,Linux和Mac可以通过DBUS接口获取。

安装依赖库

1
pip install cryptography SecretStorage

主体代码如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#! /usr/bin/env python3

from cryptography.hazmat.primitives.ciphers import Cipher
from cryptography.hazmat.primitives.ciphers.algorithms import AES
from cryptography.hazmat.primitives.ciphers.modes import CBC
from cryptography.hazmat.primitives.hashes import SHA1
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC

from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC

import secretstorage

# Function to get rid of padding
def clean(decrypted: bytes) -> str:
    last = decrypted[-1]
    if isinstance(last, int):
            return decrypted[:-last].decode("utf8")
    return decrypted[: -ord(last)].decode("utf8")

# 获取Chrome密钥
def find_pass():
    bus = secretstorage.dbus_init()
    collection = secretstorage.get_default_collection(bus)
    for item in collection.get_all_items():
        print(item.get_label(), " :", item.get_secret())
        if item.get_label() == 'Chromium Safe Storage':
            return item.get_secret()
    else:
        raise Exception('Chrome password not found!')

#密文,前三个字符一般为v10或v11
password_value = b'v11******'

kdf = PBKDF2HMAC(
        algorithm=SHA1(),
        iterations=1,
        length=16,
        salt=b'saltysalt',
    )
enc_key = kdf.derive(find_pass())

cipher = Cipher(algorithm=AES(enc_key),mode=CBC(b'                '))

encrypted_value = password_value[3:]
decryptor = cipher.decryptor()
decrypted = decryptor.update(encrypted_value) + decryptor.finalize()
print(clean(decrypted))

参考链接:

https://www.cnblogs.com/CourserLi/p/16941184.html

https://www.jianshu.com/p/9ad6e8087c58

https://github.com/n8henrie/pycookiecheat

http://www.meilongkui.com/archives/1904

https://stackoverflow.com/questions/23153159/decrypting-chromium-cookies/23727331#23727331